[Duplicity-talk] gpg: sign+symmetric

duplicity-talk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Duplicity-talk] gpg: sign+symmetric

From:	Richard
Subject:	[Duplicity-talk] gpg: sign+symmetric
Date:	Tue, 4 Oct 2011 21:24:48 +0200

Hello,

The man page for duplicity 0.6.15 says:

       If  symmetric encryption is used and the signing key is passphrase-pro-
       tected, the encryption passphrase must  equal  the  passphrase  of  the
       signing key.

And:

       This limitation can be circumvented by using gpg-agent for
       storing the passphrase of the signing key and the  PASSPHRASE  environ-
       ment  variable for the encryption key or by enabling asymmetric encryp-
       tion using the --encrypt-key option.

I have tried the former, but PASSPHRASE is ignored if --use-agent is on:
duplicity does use the agent to get the signing key, but prompts for
the symmetric encryption passphrase
-- which is a little annoying since it has to be entered twice for
each file to be encrypted.

I haven't looked into duplicity's code, however I tried this directly
with gpg (1.4.11):
$ gpg -sc --passphrase string --use-agent file

and then '--passphrase string' is ignored, gpg asks for the encryption password.

Please correct me if I overlooked something.

[Prev in Thread]

Current Thread

[Next in Thread]

[Duplicity-talk] gpg: sign+symmetric, Richard <=
- Re: [Duplicity-talk] gpg: sign+symmetric, edgar . soldin, 2011/10/04
  - Re: [Duplicity-talk] gpg: sign+symmetric, Richard, 2011/10/05

Prev by Date: Re: [Duplicity-talk] Solaris: Restore/GPG issues
Next by Date: Re: [Duplicity-talk] gpg: sign+symmetric
Previous by thread: [Duplicity-talk] What's a "secondary backup chain "?
Next by thread: Re: [Duplicity-talk] gpg: sign+symmetric
Index(es):
- Date
- Thread