[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] Duplicity asking encrypt-key passphrase?

From: edgar . soldin
Subject: Re: [Duplicity-talk] Duplicity asking encrypt-key passphrase?
Date: Sun, 08 Jul 2012 21:53:53 +0200
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20120614 Thunderbird/13.0.1

On 08.07.2012 20:20, Etienne Perot wrote:
> On July 8, 2012 10:49:46 address@hidden wrote:
>> On 08.07.2012 07:00, Etienne Perot wrote:
>>> Hi,
>>> I have generated 2 PGP keys, one for encryption and one for signing.
>>> Both of them are RSA/RSA keypairs, with different passphrases, different
>>> names, and different email addresses attached to them.
>>> I am running duplicity using:
>>> export SIGN_PASSPHRASE="(passphrase of signing key)"
>>> duplicity full \
>>>   --encrypt-key (key id of encryption key) \
>>>   --sign-key (key id of signing key) \
>>>   /home file:///media/home-server/backup
>>> This works fine and the full bakcup is performed. No problems here.
>>> However, when I do an incremental backup using the exact same command but
>>> replacing "full" by "incremental", duplicity first says:
>>> Local and Remote metadata are synchronized, no sync needed.
>>> Last full backup date: Sat Jul  7 21:01:14 2012
>>> But duplicity doesn't exit; it then asks for a passphrase. It prompts for
>>> "GnuPG passphrase:" (as opposed to "GnuPG passphrase for signing key:"),
>>> so it is asking for the *encryption* key passphrase, not the signing key
>>> passphrase. If I give it the signing key passphrase, it fails with the
>>> error:
>>> GPGError: GPG Failed, see log below:
>>> ===== Begin GnuPG log =====
>>> gpg-agent[9188]: enabled debug flags: assuan
>>> random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
>>> outmix=0 getlvl1=0/0 getlvl2=0/0
>>> secmem usage: 384/32768 bytes in 2 blocks
>>> ===== End GnuPG log =====
>>> If on the other hand I give it the encryption key passphrase, the
>>> incremental backup works and everything goes through.
>>> My question is: why do I need to provide my encryption key passphrase?
>>> Does
>>> duplicity need to decrypt anything? I would like those backups to be
>>> unattended, and obviously I wouldn't want to store the encryption key
>>> passphrase here.
>>> I have tried the same process but using PASSPHRASE instead of
>>> SIGN_PASSPHRASE, and I have tried using both variables set. I have found
>>> the the incremental only works when PASSPHRASE is set to the encryption
>>> key's passphrase (and in those cases, it doesn't prompt for a
>>> passphrase).
>>> I am using duplicity 0.6.19 from the Arch repositories.
>>> Thanks in advance.
>> hi Etienne,
>> the password for the encryption key is of course always needed when a
>> decryption occurs. this is e.g. the case when
>> - archive dir (local unencrypted metadata cache) needs to be updated
>> - you want to restore
>> none of which "seems" to be the case here.
>> but you probably stumbled over this long standing issue regarding syncing
>> the archive dir, make sure you read the mailing list thread for more
>> details. https://bugs.launchpad.net/duplicity/+bug/687295
> Okay, so if I'm reading this right, it asks for the passphrase because it 
> needs to decrypt the manifest file so that it can check if the two 
> directories 
> are in sync. But then, why does duplicity say
> "Local and Remote metadata are synchronized, no sync needed."
> before asking for the passphrase? It seems it already knows that there's 
> nothing to do, so why ask for a passphrase after that?

can't say for sure. you would have to dig into the code to find that out.

> Additionally, with this issue present, how can I achieve my initial goal 
> (unattended backups)? Do I have to store the private encryption key and its 
> passphrase on the box?

if it is really this issue try setting LANG to english as described here 

alternatively you could of course still
a. use a specific encryption key not your private one (you could actually add 
your private one as second encryption key) and yes store the password on the 
machine. rationale is: whoever can read the password can actually fiddle with 
your data to be backed up as well as access your backup repository with the 
credentials/keys on the machine. so not having the key there actually /only/ 
prevents a hacker from finding out what data /was/ on that machine at one time 
in the past.
b. use symmetric encryption with a really strong password


reply via email to

[Prev in Thread] Current Thread [Next in Thread]