I changed my OS to next Ubuntu LTS 18.04.
First trial to use duplicity after some month with images ended
with an error - and I am not sure if the problem fits to the
Duplicity-talk mails below concerning GnuPG MDC errors.
If it is the same problem: Can somebody tell me how to turn off MDC
via gpg options? Or where to get the information?
Anyhow: Would be nice to get any tips.
Thanks alot in advance
Encryption failed (Code 2).
gpg: WARNUNG: Unsicheres Besitzverhältnis des Home-Verzeichnis
gpg: "YYYYYYYY" wird als voreingestellter geheimer
[GNUPG:] KEY_CONSIDERED ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ A
[GNUPG:] KEY_CONSIDERED CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC B
[GNUPG:] BEGIN_SIGNING H8
[GNUPG:] PINENTRY_LAUNCHED 7172 gnome3:curses 1.1.0 -
gpg: Beglaubigung fehlgeschlagen: Unpassender IOCTL (I/O-Control)
für das Gerät
[GNUPG:] BEGIN_ENCRYPTION 2 9
[GNUPG:] FAILURE sign-encrypt 83918950
gpg: /usr/bin/duply: sign+encrypt failed: Unpassender IOCTL
(I/O-Control) für das Gerät
This error means that gpg is probably misconfigured or not working
correctly. The error message above should help to solve the
However, if for some reason duply should misinterpret the
can define GPG_TEST='disabled' in the conf file to bypass the
Please do not forget to report the bug in order to resolve the
in future versions of duply.
-------- Weitergeleitete Nachricht --------
Betreff: Re: [Duplicity-talk] Ignoring GnuPG MDC errors
Datum: Wed, 5 Sep 2018 15:42:21 -0500
Von: Kenneth Loafman via Duplicity-talk <address@hidden>
Antwort an: Discussion about duplicity backup
An: Discussion about duplicity backup <address@hidden>
Kopie (CC): Kenneth Loafman <address@hidden>
Prior to GNUpg 2.2.8, the MDC (modify detection code) was
it's on by default. Duplicity does a hash of the entire file so
the MDC is
duplication of effort. Plus the effort is difficult when maintaining
backwards compatibility. I decided that other development was more
important at this time, so turned off MDC via gpg options and got
the problem. You are still protected by the hash stored in the
On Tue, Sep 4, 2018 at 5:45 PM Leo Famulari via Duplicity-talk <
I'm curious about the resolution of bug #1780617 ,
"test_sigchain_fileobj test fails when GnuPG >= 2.2.8".
The bug was filed in response to a recent change in GnuPG that
check for integrity errors ("MDC errors") in encrypted archives by
default, and to consider integrity errors to be a hard failure.
This change in GnuPG caused a test failure in Duplicity, and the
response was to unconditionally ignore the result of the integrity
The Duplicity web page says, "Because duplicity uses GnuPG to encrypt
and/or sign these archives, they will be safe from spying and/or
modification by the server."
I don't fully understand the impact of this change on Duplicity,
Duplicity stores and authenticates its archives. How does Duplicity
protect against modification of backup archives?
Duplicity-talk mailing list
Duplicity-talk mailing list