Question #658091 on Duplicity changed:
https://answers.launchpad.net/duplicity/+question/658091
Status: Answered => Open
ardabro is still having a problem:
Sorry, maybe my English is too bad. Also I see I introduced a bit mess in this
line:
"I'm able to decrypt with gpg key without entering any password (third
confusion)"
This is false. It asks for password that secures my GPG key(s), and ONLY for
this one.
Actually it asks everytime because I have gpg keys caching disabled.
So, when decrypting, the behaviour is 100% CORRECT for scenario with gpg keys.
The problem occurs when backup is created.
Once again the whole case (PLEASE, READ CAREFULLY):
1) run duplicity with optios as previously
2) provide ___ANY_RANDOM_UNNECESSARY_USELESS_PASSWORD__ after "GnuPG passphrase
for decryption:" (only once, no confirmation required!)
3) provide __REAL__ password that wraps my BOTH gpg keys (it is actually the
same key pair) after "GnuPG passphrase for signing key:"
4) backup is created.
5) run gpg --output xxx --decrypt duplicity-full*.gpg OR duplicity
restore file://dst trg
6) provide __REAL__ password that wraps my both keys (the same one as used in
p3)
7) file is decrypted or backup restored WITHOUT using this
___ANY_RANDOM_UNNECESSARY_USELESS_PASSWORD__ used in p2 !
The above scenario is 100% reproductible!
P.S.
In p2) duplicity asks the for the password with exactly the same way as it does
it twice when I encrypt with password directly (no keys).
But this time it doesn't use entered value at all (why should it use it when a
gpg-key is used for encryption?)
--
You received this question notification because your team duplicity-team
is an answer contact for Duplicity.
_______________________________________________
Mailing list: https://launchpad.net/~duplicity-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~duplicity-team
More help : https://help.launchpad.net/ListHelp
