duplicity-talk
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Duplicity-talk] Asymmetric backups broken in 0.6.15?

From: Dan Loewenherz
Subject: [Duplicity-talk] Asymmetric backups broken in 0.6.15?
Date: Fri, 2 Sep 2011 00:40:41 -0700
Hi all,

I have been using duplicity on a number of servers for a bit now (since June). I use asymmetric encryption. My signature passphrase is stored in $PASSPHRASE and my encryption passphrase is not stored anywhere.

The command I run for incremental backups:

# duplicity incremental --gpg-options='--compress-algo=bzip2 --bzip2-compress-level=9' --sign-key $DUPLICITY_SIGNATURE_KEY --encrypt-key $DUPLICITY_ENCRYPTION_KEY . s3+http://$DUPLICITY_BUCKET/$DATABASE_NAME/$1

The command I run for full backups:

# duplicity full --gpg-options='--compress-algo=bzip2 --bzip2-compress-level=9' --sign-key $DUPLICITY_SIGNATURE_KEY --encrypt-key $DUPLICITY_ENCRYPTION_KEY . s3+http://$DUPLICITY_BUCKET/$DATABASE_NAME/$1

To check up on the collection status, I just run.

# duplicity collection-status s3+http://$DUPLICITY_BUCKET

It will prompt for the encryption password, and will then spew out data relating to the backup. Awesome.

-----

Now for the story with the new server.

On a separate server, I wanted to use duplicity to do the same thing...but it appears something changed.

No matter what I do, I get this error:

GPGError: GPG Failed, see log below:
===== Begin GnuPG log =====
gpg: encrypted with 2048-bit RSA key, ID XXXXXXXX, created 2011-09-02
"Backup Encryption <address@hidden>"
gpg: decryption failed: secret key not available
===== End GnuPG log =====

I then read up on the docs, and saw that a SIGN_PASSPHRASE was added (for what reason, I'm not sure). What I don't understand about this error message is why it's necessary to have my secret key for the encryption step--especially since this is an asymmetric encryption. The public key has been imported, that should be all it needs.

So I fiddle around, I import my secret key for the encryption key, and it works...only if I provide the correct PASSPHRASE as well (so I somehow learn that PASSPHRASE is now SIGN_PASSPHRASE and PASSPHRASE is now the password for the encryption key?--this transition was not communicated well at all).

In any case, it is not possible for me to have my encryption passphrase on plain text on the server, *especially* when it did not need it before. Having my encryption passphrase in plain text on the server compromises my backups if the encryption key is somehow leaked.

What is going on? How can I get back to the setup I had before on 0.6.14?

Thanks!
Dan

mobile 786-201-1161 | web http://dlo.me/ | twitter @dwlz

reply via email to
[Prev in Thread] Current Thread [Next in Thread]