#10 Not give GPG password?

closed
nobody
None
5
2011-02-06
2010-11-23
Anonymous
No

I don't want to give duply my GPG private key password. I don't care about signing the data, so it doesn't need it.

Is there a way to have it just encrypt my data with my public key ID, and when decrypting, ask for my password?

Discussion

  • Comment has been marked as spam. 
    Undo

    You can see all pending comments posted by this user  here

    Anonymous - 2010-11-23

    Yes it is possible with the latest version to setup two individual key sets. One for signing and one for encryption (but no decryption). For encryption you could just provide the GnuPG public key. Even if you don't care about signing you could setup a dummy signature key (pub+priv) and provide duply with a weak password. In order to get it working you need to generate a new profile and modify it following the instructions found in it. Please keep in mind that you will have to keep your duplicity cache directory untouched between backup sessions as it holds unencrypted metadata on the PC you want to backup. With this configuration there is no way to reconstruct the local metadata cache if you don't have the decrypting key.

     
  • ede

    ede - 2010-11-23

    Currently duply insists on a password in your profile. I will change that for the next version.
    Be aware that if duplicity asks for a password during unattended cron use the process might hang indefinitely.

    Regarding usage without a private key please see bug
    https://sourceforge.net/tracker/index.php?func=detail&aid=3116416&group_id=217745&atid=1041147
    for further information.

    ..ede

     
  • ede

    ede - 2010-11-23
    • labels: 1071097 -->
     
  • ede

    ede - 2011-02-06
    • status: open --> closed
     
  • ede

    ede - 2011-02-06

    changed in 1.5.4.1

    be aware that duplicity will ask for the password if it needs to decrypt something. e.g. resync archive dir, restore

     

Log in to post a comment.