[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Restore does not need the encrypt-key ?
|
From: |
Kenneth Loafman |
|
Subject: |
Re: [Duplicity-talk] Restore does not need the encrypt-key ? |
|
Date: |
Sat, 08 May 2010 06:53:54 -0500 |
|
User-agent: |
Thunderbird 2.0.0.24 (X11/20100411) |
I had not known that you had the export PASSPHRASE ...
The encrypt key is not needed because gpg already knows what the key is
from the encrypted data header. It uses that knowledge and the private
key in your ~/.gnupg to do the decryption. The exported PASSPHRASE is
used by the signing key to validate the archive is unmodified.
BTW, the 0.5 series is obsolete. The last version was 0.5.20, so you
are way out of date.
...Ken
Tom wrote:
> You are right, the seahorse-agent was running and also the gnome keyring.
> I killed them but I still can restore without any info but the gpg passphrase.
> The encrypt-key is not required.
>
> Additional info :
> - Version "duplicity 0.5.09 running on linux2" on an Ubuntu 9.04.
> - I don't have anything in ~/.cache/duplicity
> - command line for backup :
> duplicity --encrypt-key 5690C020 --sign-key 5690C020 $include
> $exclude /home/tom/ ssh://address@hidden
> - command line for restore :
> export PASSPHRASE="something"
> duplicity restore ssh://address@hidden /home/tom/restore
>
> Thanks for any tips,
signature.asc
Description: OpenPGP digital signature