Re: [Duplicity-team] [Question #658091]: Why does duplicity ask for passwd when --encrypt-key + --sign-key is used???

Sun, 17 Sep 2017 12:03:52 -0700 

Question #658091 on Duplicity changed:
https://answers.launchpad.net/duplicity/+question/658091

    Status: Open => Answered

edso proposed the following answer:
On 9/17/2017 18:09, ardabro wrote:
> Question #658091 on Duplicity changed:
> https://answers.launchpad.net/duplicity/+question/658091
> 
>     Status: Answered => Open
> 
> ardabro is still having a problem:
> Sorry, maybe my English is too bad. Also I see I introduced a bit mess in 
> this line:
> "I'm able to decrypt with gpg key without entering any password (third 
> confusion)"
> This is false. It asks for password that secures my GPG key(s), and ONLY for 
> this one.
> Actually it asks everytime because I have gpg keys caching disabled.
> So, when decrypting, the behaviour is 100% CORRECT for scenario with gpg keys.
> The problem occurs when backup is created.
> 
> Once again the whole case (PLEASE, READ CAREFULLY):
> 
> 1) run duplicity with optios as previously
> 2) provide ___ANY_RANDOM_UNNECESSARY_USELESS_PASSWORD__ after "GnuPG 
> passphrase for decryption:"   (only once, no confirmation required!)
> 3) provide __REAL__ password that wraps my BOTH gpg keys (it is actually the 
> same key pair) after "GnuPG passphrase for signing key:"
> 4) backup is created.
> 5) run gpg --output xxx --decrypt duplicity-full*.gpg     OR    duplicity 
> restore file://dst trg
> 6) provide __REAL__ password that wraps my both keys (the same one as used in 
> p3)
> 7) file is decrypted or backup restored WITHOUT using this 
> ___ANY_RANDOM_UNNECESSARY_USELESS_PASSWORD__ used in p2 !
> 
> The above scenario is 100% reproductible!
> 
> P.S.
> In p2) duplicity asks the for the password with exactly the same way as it 
> does it twice when I encrypt with password directly (no keys).
> But this time it doesn't use entered value at all (why should it use it when 
> a gpg-key is used for encryption?)
> 

as i said. encryption passphrase during backup (p1-4) is always
requested but only _needed_ when the backup resumes or the archive needs
to be synced, because only in these cases decryption is needed during
backup.

..ede/duply.net

-- 
You received this question notification because your team duplicity-team
is an answer contact for Duplicity.

_______________________________________________
Mailing list: https://launchpad.net/~duplicity-team
Post to     : duplicity-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~duplicity-team
More help   : https://help.launchpad.net/ListHelp

Reply via email to