Re: [Duplicity-talk] Encryption failed (Code 2)

duplicity-talk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] Encryption failed (Code 2)

From:	edgar . soldin
Subject:	Re: [Duplicity-talk] Encryption failed (Code 2)
Date:	Thu, 21 Feb 2019 17:18:06 +0100
User-agent:	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1

Vera,

don't hesitate to create it. it's a standard config file
  https://www.gnupg.org/documentation/manuals/gnupg/Agent-Configuration.html

..ede/duply.net

On 21.02.2019 17:12, Vera Schmidt wrote:
> Hi Edgar,
>
> there is no file gpg-agent.conf in the profile folder .gnupg
> Seachfing for gpg-agent.conf I could only find a file 
> /var/lib/dpkg/info/gpg-agent.conffiles which seems to be something different.
>
> In .gnupg are the files
> private-keys-v1.d  random_seed  S.gpg-agent.browser  trustdb.gpg
> pubring.gpg        secring.gpg  S.gpg-agent.extra
> pubring.gpg~       S.gpg-agent  S.gpg-agent.ssh
>
> Vera
>
> Am 20.02.19 um 17:41 schrieb edgar.soldin--- via Duplicity-talk:
>> thats most likely no MDC issue.
>>
>> you probably used gpg 1.x before.
>>
>> since gpg 2.1 some config is needed to convince gpg to accept piped in 
>> passphrases. see
>> https://lists.launchpad.net/duplicity-team/msg02653.html
>>
>> essentially you need
>>
>> 1.
>> to add the line
>>
>> allow-loopback-pinentry
>>
>> to '.gnupg/gpg-agent.conf' in the users home folder that runs the backup.
>>
>> 2.
>> add
>>
>> GPG_OPTS='--pinentry-mode loopback'
>>
>> to your duply conf file
>>
>>
>> good luck ..ede/duply.net
>>
>>
>> On 20.02.2019 14:32, Vera Schmidt via Duplicity-talk wrote:
>>> Hi Edgar,
>>>
>>> gpg (GnuPG) 2.2.4
>>> libgcrypt 1.8.1
>>>
>>> duplicity 0.7.17
>>>
>>> Vera
>>>
>>> Am 20.02.19 um 12:42 schrieb address@hidden:
>>>> hi Vera,
>>>>
>>>> please state your duplicity and gpg versions.
>>>>
>>>> ..ede/duply.net
>>>>
>>>> On 20.02.2019 12:37, Vera Schmidt via Duplicity-talk wrote:
>>>>> Hi,
>>>>>
>>>>> I changed my OS to next Ubuntu LTS 18.04.
>>>>> First trial to use duplicity after some month with images ended with an 
>>>>> error - and I am not sure if the problem fits to the Duplicity-talk mails 
>>>>> below concerning GnuPG MDC errors.
>>>>>
>>>>> If it is the same problem: Can somebody tell me how to turn off MDC via 
>>>>> gpg options? Or where to get the information?
>>>>>
>>>>> Anyhow: Would be nice to get any tips.
>>>>> Thanks alot in advance
>>>>>
>>>>> Vera
>>>>>
>>>>>
>>>>> Encryption failed (Code 2).
>>>>> gpg: WARNUNG: Unsicheres Besitzverhältnis des Home-Verzeichnis 
>>>>> `/home/XXXX/.gnupg'
>>>>> gpg: "YYYYYYYY" wird als voreingestellter geheimer Signaturschlüssel 
>>>>> benutzt
>>>>> [GNUPG:] KEY_CONSIDERED ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ A
>>>>> [GNUPG:] KEY_CONSIDERED CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC B
>>>>> [GNUPG:] BEGIN_SIGNING H8
>>>>> [GNUPG:] PINENTRY_LAUNCHED 7172 gnome3:curses 1.1.0 - xterm-256color :0
>>>>> gpg: Beglaubigung fehlgeschlagen: Unpassender IOCTL (I/O-Control) für das 
>>>>> Gerät
>>>>> [GNUPG:] BEGIN_ENCRYPTION 2 9
>>>>> [GNUPG:] FAILURE sign-encrypt 83918950
>>>>> gpg: /usr/bin/duply: sign+encrypt failed: Unpassender IOCTL (I/O-Control) 
>>>>> für das Gerät
>>>>>
>>>>> Hint:
>>>>>     This error means that gpg is probably misconfigured or not working
>>>>>     correctly. The error message above should help to solve the problem.
>>>>>     However, if for some reason duply should misinterpret the situation 
>>>>> you
>>>>>     can define GPG_TEST='disabled' in the conf file to bypass the test.
>>>>>     Please do not forget to report the bug in order to resolve the problem
>>>>>     in future versions of duply.
>>>>>
>>>>>
>>>>>
>>>>> -------- Weitergeleitete Nachricht --------
>>>>> Betreff: Re: [Duplicity-talk] Ignoring GnuPG MDC errors
>>>>> Datum: Wed, 5 Sep 2018 15:42:21 -0500
>>>>> Von: Kenneth Loafman via Duplicity-talk <address@hidden>
>>>>> Antwort an: Discussion about duplicity backup <address@hidden>
>>>>> An: Discussion about duplicity backup <address@hidden>
>>>>> Kopie (CC): Kenneth Loafman <address@hidden>
>>>>>
>>>>> Hi,
>>>>>
>>>>> Prior to GNUpg 2.2.8, the MDC (modify detection code) was optional.  Now
>>>>> it's on by default.  Duplicity does a hash of the entire file so the MDC 
>>>>> is
>>>>> duplication of effort.  Plus the effort is difficult when maintaining
>>>>> backwards compatibility.  I decided that other development was more
>>>>> important at this time, so turned off MDC via gpg options and got rid of
>>>>> the problem.  You are still protected by the hash stored in the manifest.
>>>>>
>>>>> ...Thanks,
>>>>> ...Ken
>>>>>
>>>>>
>>>>> On Tue, Sep 4, 2018 at 5:45 PM Leo Famulari via Duplicity-talk <
>>>>> address@hidden> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I'm curious about the resolution of bug #1780617 [0],
>>>>>> "test_sigchain_fileobj test fails when GnuPG >= 2.2.8".
>>>>>>
>>>>>> The bug was filed in response to a recent change in GnuPG that made gpg
>>>>>> check for integrity errors ("MDC errors") in encrypted archives by
>>>>>> default, and to consider integrity errors to be a hard failure.
>>>>>>
>>>>>> This change in GnuPG caused a test failure in Duplicity, and the
>>>>>> response was to unconditionally ignore the result of the integrity
>>>>>> check. [1]
>>>>>>
>>>>>> The Duplicity web page says, "Because duplicity uses GnuPG to encrypt
>>>>>> and/or sign these archives, they will be safe from spying and/or
>>>>>> modification by the server."
>>>>>>
>>>>>> I don't fully understand the impact of this change on Duplicity, or how
>>>>>> Duplicity stores and authenticates its archives. How does Duplicity
>>>>>> protect against modification of backup archives?
>>>>>>
>>>>>> [0] https://bugs.launchpad.net/duplicity/+bug/1780617
>>>>>>
>>>>>> [1]
>>>>>> https://bazaar.launchpad.net/~duplicity-team/duplicity/0.8-series/revision/1308
>>>>>> _______________________________________________
>>>>>> Duplicity-talk mailing list
>>>>>> address@hidden
>>>>>> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
>>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Duplicity-talk mailing list
>>>>> address@hidden
>>>>> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
>>>>
>>>>
>>>
>>> _______________________________________________
>>> Duplicity-talk mailing list
>>> address@hidden
>>> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
>>
>>
>> _______________________________________________
>> Duplicity-talk mailing list
>> address@hidden
>> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
>>

[Prev in Thread]

Current Thread

[Next in Thread]

[Duplicity-talk] Encryption failed (Code 2), Vera Schmidt, 2019/02/20
- Re: [Duplicity-talk] Encryption failed (Code 2), edgar . soldin, 2019/02/20
  - Re: [Duplicity-talk] Encryption failed (Code 2), Vera Schmidt, 2019/02/20
    - Re: [Duplicity-talk] Encryption failed (Code 2), edgar . soldin, 2019/02/20
    - Re: [Duplicity-talk] Encryption failed (Code 2), Vera Schmidt, 2019/02/21
    - Re: [Duplicity-talk] Encryption failed (Code 2), edgar . soldin <=

Prev by Date: Re: [Duplicity-talk] Encryption failed (Code 2)
Previous by thread: Re: [Duplicity-talk] Encryption failed (Code 2)
Index(es):
- Date
- Thread