duplicity-team team mailing list archive

Thread
Date

Re: [Question #681867]: Attempting to sign with a non-existent key silently defaults to an existing key?

To: duplicity-team@xxxxxxxxxxxxxxxxxxx
From: Jake Herrmann <question681867@xxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 29 Jul 2019 20:12:48 -0000
Reply-to: question681867@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Question #681867 on Duplicity changed:
https://answers.launchpad.net/duplicity/+question/681867

    Status: Open => Solved

Jake Herrmann confirmed that the question is solved:
Thank you for the reply. I'm guessing the --default-key option for gpg
is responsible for this behavior. From the man page:

"If there is no secret key available for any of the specified values,
GnuPG will not emit an error message but continue as if this option
wasn't given."

I tested this with the command:

gpg --default-key foobar --sign filename.txt

and confirmed that it defaults to an existing key. I didn't actually
check whether duplicity uses gpg's --default-key option, but it seems
very likely that this is the cause. Seems like odd behavior to me, but
not duplicity's fault.

-- 
You received this question notification because your team duplicity-team
is an answer contact for Duplicity.