Robin Lee Powell wrote: > This is not the same stuff I was talking about before. > > Summary: I've got 3 different segfaults here, and quite a lot of > documentation failures. If you want me to send an updated man page, > I'd be happy to, just let me know. > > I made a very simple structure like so: > > mkdir orig > cd orig > mkdir -p a/b/c > mkdir -p d/e/f > touch a/b/c/foo > touch d/e/f/bar > > Encrypted like so: > > rsyncrypto --ne-nesting=5 --name-encrypt=filemap -c -v -r orig orig.enc > orig.keys /var/tmp/rcb/backup.crt > > Now, I would like to be able to do cold decryption. The man page > doesn't say how the keys directory is supposed to be defined when > one is doing this, so I just changed the keys directory name to a > directory that doesn't exist, and deleted the filemap, like so: > > [EMAIL PROTECTED]> ls -l > total 16 > drwxr-xr-x 4 rlpowell users 4096 2008-02-17 10:11 orig/ > drwxr-xr-x 4 rlpowell users 4096 2008-02-17 10:12 orig.enc/ > > [EMAIL PROTECTED]> rsyncrypto --ne-nesting=5 --name-encrypt=filemap -d -v -r > orig.enc plain plain.keys /var/tmp/rcb/backup.crt > [1] 13122 segmentation fault (core dumped) rsyncrypto --ne-nesting=5 > --name-encrypt=filemap -d -v -r orig.enc plain > > Well, that's a bit uncool. :) It'd be nice if --name-encrypt= > understood that in -d mode, I mean the filemap in the encrypted > directory, It does. The problem here (and it's documented in the "bugs" section of the manual page) is that you tried using the public key for cold decryption. As you can well understand, if I had a good idea how to give a meaningful error message instead of segfaulting, I would. > but oh well, let's try again: > > [EMAIL PROTECTED]> rsyncrypto --ne-nesting=5 --name-encrypt=orig.enc/filemap > -d -v -r orig.enc plain plain.keys /var/tmp/rcb/backup.crt > [1] 13190 bus error (core dumped) rsyncrypto --ne-nesting=5 > --name-encrypt=orig.enc/filemap -d -v -r orig.enc > > Oh, but wait, it gets better! In this case, it *deleted the > filemap*: > Of course it did, precisely because of your question above - it tried to reconstruct it.
The proper command line should have been: > [EMAIL PROTECTED]> rsyncrypto --ne-nesting=5 --name-encrypt=filemap -d -v -r > orig.enc plain plain.keys /var/tmp/rcb/backup.key Exactly the same command line as your first attempt, only using the private key. Just tried it. It automatically decrypted "filemap" from the encrypted directory and saved it to "filemap" in the local one, and created the entire decrypted tree + symmetric keys. If I misunderstood you, please clarify. If not, feel free to send suggestions as to what should be changed in the manual page to make this point clearer. Shachar ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Rsyncrypto-devel mailing list Rsyncrypto-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rsyncrypto-devel
