Package: duplicity Version: 0.6.18-1 Severity: important After the change to use paramiko for sftp connections, there appears to be no way to tell Duplicity to connect to a nonstandard SSH port. This has broken my backups.
Old style of call: duplicity collection-status sftp://backup@zp/duplicity/moebius/@etc --archive-dir /var/cache/duplicity/moebius --name @etc --verbosity 1 --no-print-statistics --ssh-options '-oPort=22223 -oIdentityFile=/root/.ssh/id_rsa-backup' now results in: ** (process:4135): WARNING **: Trying to register gtype 'GMountMountFlags' as flags when in fact it is of type 'GEnum' ** (process:4135): WARNING **: Trying to register gtype 'GDriveStartFlags' as flags when in fact it is of type 'GEnum' ** (process:4135): WARNING **: Trying to register gtype 'GSocketMsgFlags' as flags when in fact it is of type 'GEnum' BackendException: ssh connection to zp:22 failed: Private key file is encrypted (I expect the gtype warnings are unrelated, but I'm including them because they're also new to my recent upgrade of a number of packages to testing.) The "Private key file is encrypted" is a little nonsensical here -- the failure has nothing to do with the private key file (which has no password), but that user backup isn't allowed to connect to port 22 (there's a DenyUsers on the main sshd_config), and Duplicity is now ignoring -oPort=22223. If I attempt to modify the URL to use user@host:port format, Duplicity fails to look up the host: duplicity collection-status sftp://backup@zp:22223/duplicity/moebius/@etc --archive-dir /var/cache/duplicity/moebius --name @etc --verbosity 1 --no-print-statistics --ssh-options '-oPort=22223 -oIdentityFile=/root/.ssh/id_rsa-backup' ** (process:4503): WARNING **: Trying to register gtype 'GMountMountFlags' as flags when in fact it is of type 'GEnum' ** (process:4503): WARNING **: Trying to register gtype 'GDriveStartFlags' as flags when in fact it is of type 'GEnum' ** (process:4503): WARNING **: Trying to register gtype 'GSocketMsgFlags' as flags when in fact it is of type 'GEnum' BackendException: ssh connection to zp:22223 failed: Unknown server [zp]:22223 Unfortunately, reverting is no longer an option, since Python 2.7 is required by too many other core packages that were upgraded to Testing (this started because I needed a more recent dpkg-dev, and everything else got dragged along with it.) This is... really unpleasant. I'm actually not sure how to get backups working again without completely switching protocols and coming up with a new security plan (the alternate SSH daemon forces a chroot, so loss of a key can't do much damage to the system). This could be solved either by having -oPort being honored in addition to -oIdentityFile, or by fixing the Unknown server error when a port is specified, but I don't really know where to start looking to fix either place. -- System Information: Debian Release: 6.0.4 APT prefers stable APT policy: (350, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages duplicity depends on: ii libc6 2.13-27 Embedded GNU C Library: Shared lib ii librsync1 0.9.7-7 rsync remote-delta algorithm libra ii python 2.7.2-10 interactive high-level object-orie ii python-gnupginterface 0.3.2-9.1 Python interface to GnuPG (GPG) ii python2.7 2.7.2-8 An interactive high-level object-o Versions of packages duplicity recommends: ii python-paramiko 1.7.7.1-2 Make ssh v2 connections with Pytho ii rsync 3.0.7-2 fast remote file copy program (lik Versions of packages duplicity suggests: ii lftp 4.0.6-1 Sophisticated command-line FTP/HTT ii ncftp 2:3.2.4-1 A user-friendly and well-featured ii python-boto 1.9b-4 Python interface to Amazon's Web S pn python-cloudfiles <none> (no description available) pn python-gdata <none> (no description available) ii python-pexpect 2.3-1 Python module for automating inter pn tahoe-lafs <none> (no description available) -- debconf-show failed -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
