Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt

duplicity-talk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt

From:	Andrew Kohlsmith (lists)
Subject:	Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to public key only)
Date:	Thu, 29 May 2008 13:20:12 -0400
User-agent:	KMail/1.9.6 (enterprise 0.20070907.709405)

On May 27, 2008 04:44:21 pm Kenneth Loafman wrote:
> Just because it asks for a passphrase does not mean its going to sign
> it, for that you need --sign-key.  It needs the passphrase in this case
> because it defaults to an incremental backup (it switches to full when
> it detects no previous backups).  In order to do the incremental it has
> to be able to decrypt pieces of the previous backup, thus the request
> for the passphrase.

I've been playing with this a little, and have given up on "just public key" 
encryption since I need the passphrase to do the incremental part.

So now I'm using --encrypt-key twice, once with my own keypair, and once with 
the public key of the other party I want to be able to access the archive 
with.  I can't get that to work, either.  It asks for a passphrase and 
doesn't accept what I put (crash in gpg module):

# duplicity --encrypt-key EAF7ACB0 --encrypt-key 78CE1DDF /etc 
file:///var/data/duplicity/mixdowna.ca-etc
GnuPG passphrase:
Retype to confirm:
No signatures found, switching to full backup.
Traceback (most recent call last):
  File "/usr/bin/duplicity", line 463, in ?
    with_tempdir(main)
  File "/usr/bin/duplicity", line 458, in with_tempdir
    fn()
  File "/usr/bin/duplicity", line 449, in main
    full_backup(col_stats)
  File "/usr/bin/duplicity", line 155, in full_backup
    bytes_written = write_multivol("full", tarblock_iter, globals.backend)
  File "/usr/bin/duplicity", line 87, in write_multivol
    globals.gpg_profile,globals.volsize)
  File "/usr/lib/python2.3/site-packages/duplicity/gpg.py", line 217, in 
GPGWriteFile
    file.write(data)
  File "/usr/lib/python2.3/site-packages/duplicity/gpg.py", line 125, in write
    return self.gpg_input.write(buf)
IOError: [Errno 32] Broken pipe

I can reverse the order of the two keys, but that doesn't do much to help me, 
either.

Am I missing something?  With one key (the one where I have the private key) 
it works.

-A.

[Prev in Thread]

Current Thread

[Next in Thread]

[Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to public key only), Andrew Kohlsmith (lists), 2008/05/27
- Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to public key only), Kenneth Loafman, 2008/05/27
  - Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to public key only), Andrew Kohlsmith (lists), 2008/05/27
  - Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to public key only), Andrew Kohlsmith (lists) <=
    - Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to public key only), Gabriel Ambuehl, 2008/05/29
    - Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to public key only), Andrew Kohlsmith (lists), 2008/05/29

Prev by Date: [Duplicity-talk] Slow file restore
Next by Date: Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to public key only)
Previous by thread: Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to public key only)
Next by thread: Re: [Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to public key only)
Index(es):
- Date
- Thread