duplicity-team team mailing list archive

Thread
Date

Re: [Question #658091]: Why does duplicity ask for passwd when --encrypt-key + --sign-key is used???

To: duplicity-team@xxxxxxxxxxxxxxxxxxx
From: ardabro <question658091@xxxxxxxxxxxxxxxxxxxxx>
Date: Sat, 16 Sep 2017 12:23:28 -0000
Reply-to: question658091@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Question #658091 on Duplicity changed:
https://answers.launchpad.net/duplicity/+question/658091

    Status: Answered => Open

ardabro is still having a problem:
OK
I'm Sorry, my mistake and additional confusion from gpg agent and cached keys.
Everything is ok with gpg and its keys/passwords but I still have no
idea why duplicity asks for decryption password when encryption key is used.
It asks only once (second confusion) and does not use it at all -
I'm able to decrypt with gpg key without entering any password (third confusion)

....
Main action: full
================================================================================
duplicity 0.7.11 (December 31, 2016)
Args: /usr/bin/duplicity full --name=test_backup --encrypt-key=DEADBEEF --sign-key=DEADBEEF /home/ard/temp/duplicity_test/src file:///home/ard/temp/duplicity_test/dst
Linux t430-deb 4.9.0-3-amd64 #1 SMP Debian 4.9.30-2+deb9u3 (2017-08-06) x86_64 
/usr/bin/python 2.7.13 (default, Jan 19 2017, 14:48:08) 
[GCC 6.3.0 20170118]
================================================================================
....
Last full backup date: none
PASSPHRASE variable not set, asking user.
GnuPG passphrase for decryption:                    # "12345" - doesn't matter 
PASSPHRASE variable not set, asking user.
GnuPG passphrase for signing key:                   # correct - my real key-wrapping password is reqiured
....
--------------[ Backup Statistics ]--------------
StartTime 1505562881.09 (Sat Sep 16 13:54:41 2017)
....
TotalDestinationSizeChange 912 (912 bytes)
Errors 0
-------------------------------------------------

>cd /home/ard/temp/duplicity_test/dst
>ls -1
duplicity-full.20170916T115427Z.manifest.gpg
duplicity-full.20170916T115427Z.vol1.difftar.gpg
duplicity-full-signatures.20170916T115427Z.sigtar.gpg

>gpg --output xxx --decrypt duplicity-full-signatures.20170916T115427Z.sigtar.gpg
Please enter the passphrase to unlock the OpenPGP secret key:
"ard <ard@xxxxxxxxx>"
2048-bit RSA key, ID ****************,
created 2017-07-29 (main key ID ****************).

Passphrase: 
gpg: encrypted with 2048-bit RSA key, ID ****************, created 2017-07-29
      "ard <ard@xxxxxxxxx>"
gpg: Signature made Sat 16 Sep 2017 13:54:41 CEST
gpg:                using RSA key ****************************************
gpg: Good signature from "ard <ard@xxxxxxxxx>" [ultimate]
   
It asks for wrapping password for my keys; this is ok;
and does NOT ask for this confusing duplicity password ("12345")
I think it is a bug.

-- 
You received this question notification because your team duplicity-team
is an answer contact for Duplicity.