[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Duplicity-talk] signing and crypting with 2 different keys.
|
From: |
Matthieu Nottale |
|
Subject: |
[Duplicity-talk] signing and crypting with 2 different keys. |
|
Date: |
Tue, 03 Feb 2004 01:06:33 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031107 Debian/1.5-3 |
Hi.
I've installed the debian duplicity package, and am trying to create
backups signed with a key, and crypted with an other, but it does not
seem to work: if I understood well what is happening,if I specify a
--encrypt-key, this key will also be used to sign, whatever I put in
--sign-key.
Some tests (don't feel alarmed for the quoted passphrase, it is just a
test key):
miska:~# gpg --list-secret-keys
/root/.gnupg/secring.gpg
------------------------
sec 1024D/82334568 2004-02-02 Matthieu Nottale (backup sign key)
<address@hidden>
ssb 1024g/0AED9133 2004-02-02
miska:~# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub 1024D/990692AD 2003-07-03 Matthieu Nottale (bearclaw)
<address@hidden>
sub 2048g/5143F9A0 2003-07-03
pub 1024D/82334568 2004-02-02 Matthieu Nottale (backup sign key)
<address@hidden>
sub 1024g/0AED9133 2004-02-02
mkdir test
echo blop >test/testfile
PASSPHRASE=miska duplicity --sign-key "82334568" --encrypt-key
"82334568" test file:///tmp/ <=WORKS OK
rm /tmp/dup*
PASSPHRASE=moo duplicity --sign-key "82334568" --encrypt-key "82334568"
test file:///tmp/ <--FAIL, of course (prooves that the key is realy used)
rm /tmp/dup*
PASSPHRASE=miska duplicity --sign-key "82334568" --encrypt-key
"990692AD" test file:///tmp/ <-FAIL with:
No signatures found, switching to full backup.
Traceback (most recent call last):
File "/usr/bin/duplicity", line 358, in ?
if __name__ == "__main__": main()
File "/usr/bin/duplicity", line 351, in main
if not sig_chain: full_backup(col_stats)
File "/usr/bin/duplicity", line 134, in full_backup
bytes_written = write_multivol("full", tarblock_iter, globals.backend)
File "/usr/bin/duplicity", line 75, in write_multivol
globals.gpg_profile)
File "/usr/lib/python2.3/site-packages/duplicity/gpg.py", line 211, in
GPGWriteFile
try: data = block_iter.next(bytes_to_go).data
File "/usr/lib/python2.3/site-packages/duplicity/diffdir.py", line
407, in next
result = self.process(self.input_iter.next(), size)
File "/usr/lib/python2.3/site-packages/duplicity/diffdir.py", line
284, in get_delta_iter_w_sig
sigTarFile.close()
File "/usr/lib/python2.3/site-packages/duplicity/tarfile.py", line
502, in close
self.fileobj.write("\0" * (RECORDSIZE - remainder))
File "/usr/lib/python2.3/site-packages/duplicity/dup_temp.py", line
116, in write
def write(self, buf): return self.fileobj.write(buf)
File "/usr/lib/python2.3/site-packages/duplicity/gpg.py", line 103, in
write
def write(self, buf): return self.gpg_input.write(buf)
IOError: [Errno 32] Broken pipe
Now this should not fail: public key 990692AD is available, private key
82334568 is available, and the correct passphrase has been suplied.
Am I doing something wrong? Should this mail go in the feature-request
folder? Any help would be greatly apreciated.
Cheers,
Matthieu Nottale.
P.S.: please cc to me any reply, I'm not on the list.
- [Duplicity-talk] signing and crypting with 2 different keys.,
Matthieu Nottale <=