[Duplicity-talk] Duplicity without Secret Key

[Colin Ryan]

I'm interested in using duplicity in a situation where I don't want to 
assume the physical security of the system from which duplicity is 
running. I was hoping I could leverage the fact that gpg is a public-key 
infrastructure and be able to have only the public key as generated from 
a secured system and imported into the duplicity system and signed with 
duplicity systems keyring.

I've set this up and selected encrypt key to be the key with just the 
public key available, and sign-key to be the systems local key but 
duplicity complains about no secret available. It's I guess not a total 
surprise that I can't do this but thought I'd open up the question 
regarding doing this.

Is it possible to use duplicity with just the public key, realizing of 
course that I could not then use this system to restore etc. But I'm 
guessing I'm challenged by the fact that the manifest and sig. files are 
also encrypted and therefor need to be decrypted to support proper 
incrementals and other functions.

Thanks

C