duplicity-talk

Re: [Duplicity-talk] Unnecessarily asking for passphrase on incremental


From: Kenneth Loafman
Subject: Re: [Duplicity-talk] Unnecessarily asking for passphrase on incremental backup
Date: Fri, 10 Apr 2009 14:48:52 -0500
User-agent: Thunderbird 2.0.0.21 (X11/20090318)

Georg Lutz wrote:
> On 2009-04-07 15:55, Kenneth Loafman wrote:
>> Duplicity needs the key to decrypt the remote manifest file, which it
>> then compares to the local manifest to guarantee that the two are in
>> sync.  If you are running a recent release of duplicity, --use-agent is
>> available to allow gpg to query a gpg-agent instead of the user.
>>
> 
> Hi Ken,
> 
> Ok, I understand that this makes the data handling much more robust and
> probably fixes another severe bug.
> 
> However this breaks the nice feature that duplicity didn't need access
> to a secret key just for doing backups up to version 0.5.12. I liked
> it, because the backup should work fully unattended - the concerning
> workstations/servers just had to be switched on at a certain time. Now I
> have to make sure to manually unlock the secret key on every machine to
> let the backup happen. The same issue was recently reported as bug
> #26112.
> 
> Couldn't the data integrity check be done without decrypting the
> remote manifest? The archive-dir could hold e.g. an additional file with
> a checksum for the encrypted remote manifest. What do you think? Would
> this be feasible?

This is a good idea.  If the archive dir had the name and a hash of the
latest manifest gpg file that could be checked and all would be OK.

Taking it a step further, hashes for all of the remote files could be
saved in the archive.  During a restore, it would be nice to know that
the downloaded file had been corrupted.

I'll keep this in mind and get it fixed, at least the first part.

...Ken
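
The scheme proposed in this message (keep the name and a hash of each encrypted remote file in the archive dir, then compare without decrypting), sketched in Python as an added example that is not part of the original e-mail and is not duplicity code. The index file name, its JSON layout and the sample file name are assumptions.

```python
import hashlib
import hmac
import json
import os
import tempfile

INDEX_NAME = "remote-hashes.json"  # hypothetical file kept in the local archive dir

def sha256_file(path, chunk_size=1 << 16):
    """Hash a file in chunks so large backup volumes are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def load_index(archive_dir):
    """Return the {remote file name: sha256 hex} map, empty if none exists yet."""
    path = os.path.join(archive_dir, INDEX_NAME)
    if not os.path.exists(path):
        return {}
    with open(path, "r", encoding="utf-8") as fh:
        return json.load(fh)

def record_upload(archive_dir, remote_name, local_encrypted_path):
    """At upload time, remember the hash of the encrypted file as it was sent."""
    index = load_index(archive_dir)
    index[remote_name] = sha256_file(local_encrypted_path)
    # Write to a temp file and rename so a crash cannot leave a truncated index.
    fd, tmp = tempfile.mkstemp(dir=archive_dir)
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        json.dump(index, fh, indent=2, sort_keys=True)
    os.replace(tmp, os.path.join(archive_dir, INDEX_NAME))

def verify_download(archive_dir, remote_name, downloaded_path):
    """Return 'ok', 'mismatch' or 'unknown'; no secret key is needed."""
    expected = load_index(archive_dir).get(remote_name)
    if expected is None:
        return "unknown"  # never recorded: caller must use the decrypting check
    actual = sha256_file(downloaded_path)
    return "ok" if hmac.compare_digest(expected, actual) else "mismatch"

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        name = "duplicity-inc.sample.manifest.gpg"  # constructed sample name
        blob = os.path.join(d, name)
        with open(blob, "wb") as fh:
            fh.write(b"constructed ciphertext bytes")  # stands in for gpg output
        record_upload(d, name, blob)
        print(verify_download(d, name, blob))
```

A caller should treat `unknown` as "not verified", not as success, and the check is only as trustworthy as the local archive dir that holds the index.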

