Question #658091 on Duplicity changed: https://answers.launchpad.net/duplicity/+question/658091
Status: Open => Answered edso proposed the following answer: On 9/17/2017 18:09, ardabro wrote: > Question #658091 on Duplicity changed: > https://answers.launchpad.net/duplicity/+question/658091 > > Status: Answered => Open > > ardabro is still having a problem: > Sorry, maybe my English is too bad. Also I see I introduced a bit mess in > this line: > "I'm able to decrypt with gpg key without entering any password (third > confusion)" > This is false. It asks for password that secures my GPG key(s), and ONLY for > this one. > Actually it asks everytime because I have gpg keys caching disabled. > So, when decrypting, the behaviour is 100% CORRECT for scenario with gpg keys. > The problem occurs when backup is created. > > Once again the whole case (PLEASE, READ CAREFULLY): > > 1) run duplicity with optios as previously > 2) provide ___ANY_RANDOM_UNNECESSARY_USELESS_PASSWORD__ after "GnuPG > passphrase for decryption:" (only once, no confirmation required!) > 3) provide __REAL__ password that wraps my BOTH gpg keys (it is actually the > same key pair) after "GnuPG passphrase for signing key:" > 4) backup is created. > 5) run gpg --output xxx --decrypt duplicity-full*.gpg OR duplicity > restore file://dst trg > 6) provide __REAL__ password that wraps my both keys (the same one as used in > p3) > 7) file is decrypted or backup restored WITHOUT using this > ___ANY_RANDOM_UNNECESSARY_USELESS_PASSWORD__ used in p2 ! > > The above scenario is 100% reproductible! > > P.S. > In p2) duplicity asks the for the password with exactly the same way as it > does it twice when I encrypt with password directly (no keys). > But this time it doesn't use entered value at all (why should it use it when > a gpg-key is used for encryption?) > as i said. encryption passphrase during backup (p1-4) is always requested but only _needed_ when the backup resumes or the archive needs to be synced, because only in these cases decryption is needed during backup. ..ede/duply.net -- You received this question notification because your team duplicity-team is an answer contact for Duplicity. _______________________________________________ Mailing list: https://launchpad.net/~duplicity-team Post to : duplicity-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~duplicity-team More help : https://help.launchpad.net/ListHelp