← Back to team overview

duplicity-team team mailing list archive

Fwd: [ftplicity:bugs] #76 GPG 2.1 passphrase entry change


just fyi. gpg 2.1 retires passphrase from pipe for key auth.


-------- Forwarded Message --------
Subject: [ftplicity:bugs] #76 GPG 2.1 passphrase entry change
Date: Sat, 29 Nov 2014 14:23:30 +0000
From: troy engel <tengel@xxxxxxxxxxxx>
Reply-To: [ftplicity:bugs]  <76@xxxxxxxxxxxxxxxxxxxxxxxxxx>
To: [ftplicity:bugs]  <76@xxxxxxxxxxxxxxxxxxxxxxxxxx>

With 2.1 the agent is required now, there's no way to get a passphrase into gpg without gpg-agent/pinentry (that's the big change, agree with it or not). It's all just basic config in my duply instance conf file with the passphrase set:

$ egrep -v "^(#|$)" .duply/XXXXX/conf 
GPG_OPTS='--pinentry-mode loopback'
DUPL_PARAMS="$DUPL_PARAMS --exclude-if-present '$FILENAME'"

That, with this:

$ egrep -v "^(#|$)" .gnupg/gpg-agent.conf 

...is what works, From the duply end of things, the only change needed is the one I suggested in the patch for GPG_OPTS, that's it.



** [bugs:#76] GPG 2.1 passphrase entry change**

**Status:** open
**Group:** duply
**Created:** Fri Nov 28, 2014 02:41 PM UTC by troy engel
**Last Updated:** Sat Nov 29, 2014 01:42 PM UTC
**Owner:** nobody

The method fo unattended passphrase entry has changed with GPG 2.1+, using a new option is required (as well as setting an option in ~/.gpg-agent.conf) to achieve the same functionality.

Please see the upstream issue: https://bugs.g10code.com/gnupg/issue1772

Suggested patch for now to raise awareness:

--- duply-1.9.1-orig	2014-11-28 08:33:07.843465503 -0600
+++ duply-1.9.1-gpg21	2014-11-28 08:36:02.579515130 -0600
@@ -677,6 +677,7 @@
 #   or "--compress-algo=bzip2 --bzip2-compress-level=9"
 #   or "--personal-cipher-preferences AES256,AES192,AES..."
 #   or "--homedir ~/.duply" - keep keyring and gpg settings duply specific
+#   or "--pinentry-mode loopback" - for GPG 2.1+
 # disable preliminary tests with the following setting

I'm personally still testing and working on this so don't have 100% confirmed what will/won't work with regards to duply/duplicity.


Sent from sourceforge.net because you indicated interest in <https://sourceforge.net/p/ftplicity/bugs/76/>

To unsubscribe from further messages, please visit <https://sourceforge.net/auth/subscriptions/>