duplicity-team team mailing list archive

Thread
Date

Re: [Question #170395]: How can I verify the GPG signatures on a backup?

To: duplicity-team@xxxxxxxxxxxxxxxxxxx
From: edso <question170395@xxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 07 Sep 2011 09:11:02 -0000
Reply-to: question170395@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Question #170395 on Duplicity changed:
https://answers.launchpad.net/duplicity/+question/170395

    Status: Open => Answered

edso proposed the following answer:
On 07.09.2011 10:15, Dan Drake wrote:
> New question #170395 on Duplicity:
> https://answers.launchpad.net/duplicity/+question/170395
> 
> I've made a backup and specified "--sign-key". But I'd like to somehow verify that the GPG signatures are valid. I thought I could do something like
> 
> gpg --verify duplicity-[etc].gpg
> 
> on one of the backup files, but I always get "gpg: verify signatures failed: unexpected data". Is there a way to check those signatures?
> 

use

gpg --output tmpfile --decrypt duplicity-[etc].gpg

duplicity files are not clearsigned but encrypted and optionally signed.


duplicity checks the comment from gpg automatically on restore or verify runs if a sign key was given.


ede/duply.net

-- 
You received this question notification because you are a member of
duplicity-team, which is an answer contact for Duplicity.