duplicity-talk

Re: [Duplicity-talk] strategy for error: sign+encrypt failed: unusable p


From: edgar . soldin
Subject: Re: [Duplicity-talk] strategy for error: sign+encrypt failed: unusable public key
Date: Wed, 22 Oct 2008 20:01:08 +0200
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.17) Gecko/20080914 Thunderbird/2.0.0.17 Mnenhy/0.7.5.0

hey colin & all,

the initial problem here is the imported but untrusted key .. the goal for me (hence the ftplicity user) is to do encrypted backups. Initially gpg obviously denies encrypting (but signs with a warning). I am now searching for a short (few steps) and/or easy way (dummy proof) to deal with it.

My current (one step) solutions are:
gpg --edit-key and trust 5 (ultimate) .. the standard way
or my current favourite
use gpg option --always-trust with duplicity (still it warns, it doesn't when I do my examples below, anybody knows why?)

yours obviously involves more steps, which I am not sure the ordinary user needs to do. Usually private & public key reside on the duplicity host. Or?

some examples:

Signing works with warning.
# echo "password" | gpg --passphrase-fd 0 -s -r FFFFFFFF --batch -o /dev/null test.txt
gpg: WARNING: recipients (-r) given without using public key encryption

Encrypting doesn't work.
# echo "password" | gpg --passphrase-fd 0 -e -r FFFFFFFF --batch -o /dev/null test.txt
gpg: FFFFFFFF : There is no assurance this key belongs to the named user
gpg: test.txt: encryption failed: unusable public key

This works (--always-trust):
# echo "password" | gpg --passphrase-fd 0 -e -r FFFFFFFF --batch --always-trust -o /dev/null test.txt
as well as
# echo "password" | gpg --passphrase-fd 0 -se -r FFFFFFFF --batch --always-trust -o /dev/null test.txt

There is a warning though:
gpg: WARNING: Using untrusted key!
this comes up when I use duplicity in -v 5 and --gpg-options="--always-trust" using the untrusted key.

I am open for more suggestions.. I am afraid I am overlooking something. Again I am afraid that --always-trust is a security issue. Is it?

any comments? ..ede

--

I may be missing something as I'll admit I've been too lazy to look closely at this thread, but that seems to be a similar warning I get when dealing with running duplicity from remote systems that don't have the private key of the crypt key on them. In that case so long as I sign the key with that system local key (which has a private) and additionally specify the --gpgoptions of --default-key and provide the HEX of the key that signed the public side of the crypto key that warning went away.

C

address@hidden wrote:
any suggestion on the two ways of preventing it? ... Which route would you suggest (detection or circumvention)? to say .. not to use the --always-trust gpg switch .. which still prints out a warning in verbose 5
or better detect the trust issue and ask the user to resolve it first?


here one and the same 'gpg --always-trust' enabled job with and -v 4 & then -v 5 .. although it is no error it would be nice to have the warning printed at -v 4 as well

regards ede
--

h81501:/srv/www/jamoke.net # PATH=~jamoke/_apps/duplicity-0.5.02/bin/:$PATH ./ftplicity_1.4.1/ftplicity.sh bhoweb_13b bkp -v4
Start ftplicity.sh v1.4.1b, time is 10/22/08 16:32:48.
Using profile '/etc/ftplicity/bhoweb_13b'.
Using installed duplicity version 0.5.02 (OK).

--- Start running command BKP (16:32:49.281) ---
Running duplicity - OK
Output: NcFTP version is 3.2.0
Reading globbing filelist /etc/ftplicity/bhoweb_13b/exclude
Last full backup date: Mon Oct 20 10:25:34 2008
--------------[ Backup Statistics ]--------------
StartTime 1224685980.63 (Wed Oct 22 16:33:00 2008)
EndTime 1224686084.37 (Wed Oct 22 16:34:44 2008)
ElapsedTime 103.74 (1 minute 43.74 seconds)
SourceFiles 10921
SourceFileSize 1199374069 (1.12 GB)
NewFiles 0
NewFileSize 0 (0 bytes)
DeletedFiles 0
ChangedFiles 3
ChangedFileSize 597239812 (570 MB)
ChangedDeltaSize 0 (0 bytes)
DeltaEntries 3
RawDeltaSize 11539 (11.3 KB)
TotalDestinationSizeChange 3812 (3.72 KB)
Errors 0
-------------------------------------------------
--- Finished (16:34:46.205) Runtime 00:01:56.924 ---



h81501:/srv/www/jamoke.net # PATH=~jamoke/_apps/duplicity-0.5.02/bin/:$PATH ./ftplicity_1.4.1/ftplicity.sh bhoweb_13b bkp -v5
Start ftplicity.sh v1.4.1b, time is 10/22/08 16:36:11.
Using profile '/etc/ftplicity/bhoweb_13b'.
Using installed duplicity version 0.5.02 (OK).

--- Start running command BKP (16:36:12.541) ---
Running duplicity - OK
Output: NcFTP version is 3.2.0
Using temporary directory /tmp/duplicity-hR1s-r-tempdir
Reading globbing filelist /etc/ftplicity/bhoweb_13b/exclude
Reading results of 'ncftpls -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 -l 'ftp://backup.serverkompetenz.de/bho13b/''
Reading results of 'ncftpls -x '' -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 'ftp://backup.serverkompetenz.de/bho13b/''
Last full backup date: Mon Oct 20 10:25:34 2008
Running 'ncftpget -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 -V -C 'backup.serverkompetenz.de' 'bho13b/duplicity-inc.2008-10-22T16_29_28+02_00.to.2008-10-22T16_32_49+02_00.manifest.gpg' '/tmp/duplicity-hR1s-r-tempdir/mktemp-RbWkRw-2'' (attempt #1)
gpg: encrypted with 2048-bit ELG-E key, ID 8BBFE27F, created 2007-12-17
     "bho duplicity"
gpg: Signature made Wed Oct 22 16:34:44 2008 CEST using DSA key ID FFF83736
gpg: Good signature from "bho duplicity"
gpg: WARNING: Using untrusted key!
Running 'ncftpget -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 -V -C 'backup.serverkompetenz.de' 'bho13b/duplicity-full-signatures.2008-10-20T10_25_34+02_00.sigtar.gpg' '/tmp/duplicity-hR1s-r-tempdir/mktemp-zdvqfr-4'' (attempt #1)
Running 'ncftpget -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 -V -C 'backup.serverkompetenz.de' 'bho13b/duplicity-new-signatures.2008-10-20T10_25_34+02_00.to.2008-10-22T02_00_07+02_00.sigtar.gpg' '/tmp/duplicity-hR1s-r-tempdir/mktemp-dT8-No-5'' (attempt #1)
Running 'ncftpget -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 -V -C 'backup.serverkompetenz.de' 'bho13b/duplicity-new-signatures.2008-10-22T02_00_07+02_00.to.2008-10-22T16_26_22+02_00.sigtar.gpg' '/tmp/duplicity-hR1s-r-tempdir/mktemp-xonH7k-6'' (attempt #1)
Running 'ncftpget -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 -V -C 'backup.serverkompetenz.de' 'bho13b/duplicity-new-signatures.2008-10-22T16_26_22+02_00.to.2008-10-22T16_29_28+02_00.sigtar.gpg' '/tmp/duplicity-hR1s-r-tempdir/mktemp-byHhJD-7'' (attempt #1)
Running 'ncftpget -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 -V -C 'backup.serverkompetenz.de' 'bho13b/duplicity-new-signatures.2008-10-22T16_29_28+02_00.to.2008-10-22T16_32_49+02_00.sigtar.gpg' '/tmp/duplicity-hR1s-r-tempdir/mktemp-hbRoR_-8'' (attempt #1)
AsyncScheduler: instantiating at concurrency 0
Generating delta - changed file: bho_app_access.log
gpg: encrypted with 2048-bit ELG-E key, ID 8BBFE27F, created 2007-12-17
     "bho duplicity"
gpg: Signature made Wed Oct 22 16:34:45 2008 CEST using DSA key ID FFF83736
gpg: Good signature from "bho duplicity"
gpg: WARNING: Using untrusted key!
gpg: encrypted with 2048-bit ELG-E key, ID 8BBFE27F, created 2007-12-17
     "bho duplicity"
gpg: Signature made Wed Oct 22 16:31:08 2008 CEST using DSA key ID FFF83736
gpg: Good signature from "bho duplicity"
gpg: WARNING: Using untrusted key!
gpg: encrypted with 2048-bit ELG-E key, ID 8BBFE27F, created 2007-12-17
     "bho duplicity"
gpg: Signature made Wed Oct 22 16:28:17 2008 CEST using DSA key ID FFF83736
gpg: Good signature from "bho duplicity"
gpg: WARNING: Using untrusted key!
gpg: encrypted with 2048-bit ELG-E key, ID 8BBFE27F, created 2007-12-17
     "bho duplicity"
gpg: Signature made Wed Oct 22 02:03:02 2008 CEST using DSA key ID FFF83736
gpg: Good signature from "bho duplicity"
gpg: WARNING: Using untrusted key!
gpg: encrypted with 2048-bit ELG-E key, ID 8BBFE27F, created 2007-12-17
     "bho duplicity"
gpg: Signature made Mon Oct 20 10:31:24 2008 CEST using DSA key ID FFF83736
gpg: Good signature from "bho duplicity"
gpg: WARNING: Using untrusted key!
AsyncScheduler: running task synchronously (asynchronicity disabled)
Running 'ncftpput -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 -m -V -C '/tmp/duplicity-hR1s-r-tempdir/mktemp-mpHKW_-9' 'bho13b/duplicity-inc.2008-10-22T16_32_49+02_00.to.2008-10-22T16_36_12+02_00.vol1.difftar.gpg'' (attempt #1)
AsyncScheduler: task complete
Running 'ncftpput -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 -m -V -C '/tmp/duplicity-hR1s-r-tempdir/mktemp-d8eX0Q-10' 'bho13b/duplicity-inc.2008-10-22T16_32_49+02_00.to.2008-10-22T16_36_12+02_00.manifest.gpg'' (attempt #1)
Running 'ncftpput -f /tmp/duplicity-hR1s-r-tempdir/mkstemp-xfkUHm-1 -F -t 30 -m -V -C '/tmp/duplicity-hR1s-r-tempdir/mktemp-D0G8T0-3' 'bho13b/duplicity-new-signatures.2008-10-22T16_32_49+02_00.to.2008-10-22T16_36_12+02_00.sigtar.gpg'' (attempt #1)
--------------[ Backup Statistics ]--------------
StartTime 1224686183.57 (Wed Oct 22 16:36:23 2008)
EndTime 1224686276.69 (Wed Oct 22 16:37:56 2008)
ElapsedTime 93.12 (1 minute 33.12 seconds)
SourceFiles 10921
SourceFileSize 1199383295 (1.12 GB)
NewFiles 0
NewFileSize 0 (0 bytes)
DeletedFiles 0
ChangedFiles 1
ChangedFileSize 577379891 (551 MB)
ChangedDeltaSize 0 (0 bytes)
DeltaEntries 1
RawDeltaSize 5885 (5.75 KB)
TotalDestinationSizeChange 2509 (2.45 KB)
Errors 0
-------------------------------------------------
--- Finished (16:37:58.304) Runtime 00:01:45.763 ---


---

address@hidden wrote:
Hello all,

somebody switching from an old to the recent ftplicity version came up
with an error similar to this...

gpg: FFFFFFFF: There is no assurance this key belongs to the named user
gpg: [stdin]: sign+encrypt failed: unusable public key
gpg: encrypted with 2048-bit ELG-E key, ID FFFFFFFF, created 2007-12-17
     "duplicity"
gpg: FFFFFFFF: There is no assurance this key belongs to the named user
gpg: [stdin]: sign+encrypt failed: unusable public key

this was because the selected key was not trusted, he didn't know why it
suddenly happened, because the former combination of ftplicity
1.1.1/duplicity 0.4.9/gpg-1.4.5-24.4 worked fine.... but still this can happen when installing/switching machines or accounts - so it should be
prevented .. especially as the gpg error message only comes up with
verbosity 5 or more

... this made me think of ways to prevent this error .. as I didn't find a way to let gpg show the trust state of a key, the only way for now is
to test-sign+encrypt something and to check if that throws an error
e.g. > echo "$PASS" | gpg --passphrase-fd 0 -e -r FFFFFFFF --batch -o /tmp/mktemp.file test.txt

the other solution I think of is a bit more straight forward ... why not
setting gpg --trust-always  .. as  the user selects  a key that he/her
obviously wants to use and therefore has to trust
I am interested in opinions about this idea .. as there is currently no scenario I can imagine, except of a hacked backup user account (but then
everything is lost already, so it doesn't matter),  where the
--trust-always could be security problematic

on the other hand .. if there is an easy way to doublecheck if a key is
trusted ultimately, I still would think about this way, as test
encrypting something does not seem very elegant to me

Thanks for the heads up on this one.  I'll look into it.

...Ken

------------------------------------------------------------------------

_______________________________________________
Duplicity-talk mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/duplicity-talk
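
The thread leaves open how to read a key's trust state without test-encrypting a file. As an added example (not part of the original messages, and not ftplicity or duplicity code): gpg's `--with-colons` key listing carries the computed validity in field 2 of the `pub` record, which a wrapper can check before the backup runs. The helper name `check_key`, the pass/fail policy and the sample listings are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: read a key's computed validity from gpg's machine-readable
# listing instead of test-encrypting a file and watching for an error.

# Print field 2 (validity) of the first "pub" record read from stdin.
# Input is the output of: gpg --batch --with-colons --list-keys KEYID
key_validity() {
    awk -F: '$1 == "pub" { print ($2 == "" ? "-" : $2); found = 1; exit }
             END { if (!found) print "missing" }'
}

# Map a validity letter to a verdict. The letters are those documented in
# GnuPG's doc/DETAILS. Policy (an assumption of this example): only full (f)
# and ultimate (u) validity pass silently; everything else goes to the user.
classify_validity() {
    case "$1" in
        u|f)     echo trusted ;;
        m)       echo marginal ;;
        e|r|d|i) echo unusable ;;    # expired, revoked, disabled, invalid
        missing) echo missing ;;     # key not in the keyring at all
        *)       echo untrusted ;;   # -, q, o, n: no trust path to the key
    esac
}

# Preflight for a backup wrapper: returns 0 only for a "trusted" key.
# check_key is a hypothetical helper name.
check_key() {
    state=$(gpg --batch --with-colons --list-keys "$1" 2>/dev/null | key_validity)
    verdict=$(classify_validity "$state")
    [ "$verdict" = trusted ] && return 0
    echo "key $1: validity '$state' ($verdict); resolve trust before backing up" >&2
    return 1
}

# Constructed sample listings (not taken from the thread).
SAMPLE_UNTRUSTED='tru::1:1224685980:0:3:1:5
pub:-:1024:17:AAAAAAAAAAAAAAAA:2007-12-17:::-:example backup key::scESC:
sub:-:2048:16:BBBBBBBBBBBBBBBB:2007-12-17::::::e:'
SAMPLE_ULTIMATE='pub:u:1024:17:AAAAAAAAAAAAAAAA:2007-12-17:::u:example backup key::scESC:
sub:u:2048:16:BBBBBBBBBBBBBBBB:2007-12-17::::::e:'

for s in "$SAMPLE_UNTRUSTED" "$SAMPLE_ULTIMATE"; do
    classify_validity "$(printf '%s\n' "$s" | key_validity)"
done
```

Because the check reports the trust state up front, the wrapper can tell the user to fix trust regardless of the verbosity level at which gpg's own message would appear.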


