On Tue, 23 Jun 2026 09:59:33 +0200, Francesco Poli writes: >Isn't this a bug anyway, even though of smaller severity?
i don't think so, as the --no-check-remote option exists. as far as i understand the relevant logic, the primary assumption behind (force-)checking the remote manifests is that you either use symmetric encryption, or encrypt and sign and with gpg-agent fully primed and ready or with passphrase(s) preset via the environment. my interpretation is that upstream considers this case, where the backup machine can be (and is) trusted, but maybe not the repository, is the more critical they want to cover. the asymmetric encrypt-only scenario (which i personally also definitely require) reverses the trust assumptions, and needs no remote manifest checking. i'd say there is no bug as long as both scenarios remain supported (or until one is cleanly retired). (see also the section 'A NOTE ON SYMMETRIC ENCRYPTION AND SIGNING' in the duplicity manpage.) regarding actual passphrase interaction i'm not certain what is and isn't supported with what exact version of gpg2, with respect to operation without gpg-agent. personally i don't use gpg2. -- Alexander Zangerl + GPG Key 2FCCF66BB963BD5F + https://snafu.priv.at/ The terrorists have won. They have successfully convinced America to attack itself. -- Steve Kirsch
signature.asc
Description: Digital Signature
