tags + 565398 unreproducible thanks On Fri, 15 Jan 2010 14:17:44 +0100, Konrad Zimmermann writes: >Duplicity reasonably seams to assume that incremental backups encrypted agains >t a public key do not require a passphrase, but apparently this assumption is >not true.
it holds - for encryption. first: i cannot reproduce your problem. $ duplicity --encrypt-key 42bd645d testdir file:///stuff/dump/testbackup Local and Remote metadata are synchronized, no sync needed. Last full backup date: none No signatures found, switching to full backup. ... Errors 0 ....about 15 seconds and one file addition later.... $ duplicity --encrypt-key 42bd645d testdir file:///stuff/dump/testbackup Local and Remote metadata are synchronized, no sync needed. Last full backup date: Mon Jan 18 19:26:42 2010 ... TotalDestinationSizeChange 2365 (2.31 KB) Errors 0 please retry, and nuke ~/.cache before you do retry your tests. please also rerun with -v 9 and submit that log for further debugging. >succeeds in creating a full backup but reissuing the command, i.e. creating an > incremental backup fails with > >GPGError: GPG Failed, see log below: >===== Begin GnuPG log ===== ... >gpg: Entschlüsselung mit Public-Key-Verfahren fehlgeschlagen: Falsche >Passphrase ...and i know of exactly one scenario that can cause duplicity to need decryption: duplicity since 0.6 absolutely requires an unencrypted local cache of filenames/signatures (the archivedir stuff). this is forcibly generated (in ~/.cache or controlled by --archive-dir/--name) on new backups, and kept up to date subsequently. and here's the rub: for some as of yet unresolved reason (see https://bugs.launchpad.net/duplicity/+bug/497243 for my report on this issue) i've seen 0.6.06 occasionally and on long incremental chains end up with desynchronized local cache vs. remote archive, with the remote archive having more (encrypted) stuff than the cache accounts for. it detects this, and attemps a resynchronization: copies over signatures from the remote archive and attempts to decrypt them - and fails. (this buggy behaviour is NOT present in 0.6.05.) please retry your test with a cleaned cache and -v 9. regards az -- + Alexander Zangerl + DSA 42BD645D + (RSA 5B586291) "Bush, Ashcroft, Rumsfeld: The Axis of Idiocy". (somewhere on IRC)
signature.asc
Description: Digital Signature
