I don't think this is fixed properly.
Let me sum up the change:
In the new function validate_encryption_settings, the first volume is decrypted
to see if the provided passphrase matches the one from the aborted backup run.
This makes sense for symmetric encryption. However for public key encryption,
we can just check if the recipients are the same. There is no need to decrypt
anything in the whole process (or do we need somewhere else?), so we do not
need any private decryption keys.
duplicity 0.6.21 requests those keys:
RESTART: Volumes 7 to 9 failed to upload before termination.
Restarting backup at volume 7.
= Begin GnuPG log =
gpg: encrypted with 2048-bit RSA key, ID BA6C3E32, created 2013-08-15
KEY TO ENCRYPT MY BACKUPS (I will never use this key to encrypt anything else
than my personal backups. I will never use this key to sign anything.)
gpg: public key decryption failed: bad passphrase
gpg: decryption failed: secret key not available
= End GnuPG log =
(Here I did not provide a passphrase. But the point is that duplicity
wants to have the private key.)
The only exception: Hidden recipients. There is no obvious solution:
- Detecting added hidden recipients could be done by trying to decrypt, like
for the symmetric case. But this is again not great for those who want to store
their private keys somewhere else or for unattended backups.
- For removed (and added) hidden recipients, one could store the recipients in
the local cache as long as the backup is not finished. Since they should be
hidden, that does not sound like a good idea either.
- Or just live with the fact that parts of the backup can be decrypted with
different keys in this special case...
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Resuming a backup with a different password should throw an error
To manage notifications about this bug go to:
ubuntu-bugs mailing list