Hi,
I changed my OS to next Ubuntu LTS 18.04.
First trial to use duplicity after some month with images ended with an error -
and I am not sure if the problem fits to the Duplicity-talk mails below
concerning GnuPG MDC errors.
If it is the same problem: Can somebody tell me how to turn off MDC via gpg
options? Or where to get the information?
Anyhow: Would be nice to get any tips.
Thanks alot in advance
Vera
Encryption failed (Code 2).
gpg: WARNUNG: Unsicheres Besitzverhältnis des Home-Verzeichnis
`/home/XXXX/.gnupg'
gpg: "YYYYYYYY" wird als voreingestellter geheimer Signaturschlüssel benutzt
[GNUPG:] KEY_CONSIDERED ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ A
[GNUPG:] KEY_CONSIDERED CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC B
[GNUPG:] BEGIN_SIGNING H8
[GNUPG:] PINENTRY_LAUNCHED 7172 gnome3:curses 1.1.0 - xterm-256color :0
gpg: Beglaubigung fehlgeschlagen: Unpassender IOCTL (I/O-Control) für das Gerät
[GNUPG:] BEGIN_ENCRYPTION 2 9
[GNUPG:] FAILURE sign-encrypt 83918950
gpg: /usr/bin/duply: sign+encrypt failed: Unpassender IOCTL (I/O-Control) für
das Gerät
Hint:
This error means that gpg is probably misconfigured or not working
correctly. The error message above should help to solve the problem.
However, if for some reason duply should misinterpret the situation you
can define GPG_TEST='disabled' in the conf file to bypass the test.
Please do not forget to report the bug in order to resolve the problem
in future versions of duply.
-------- Weitergeleitete Nachricht --------
Betreff: Re: [Duplicity-talk] Ignoring GnuPG MDC errors
Datum: Wed, 5 Sep 2018 15:42:21 -0500
Von: Kenneth Loafman via Duplicity-talk <address@hidden>
Antwort an: Discussion about duplicity backup <address@hidden>
An: Discussion about duplicity backup <address@hidden>
Kopie (CC): Kenneth Loafman <address@hidden>
Hi,
Prior to GNUpg 2.2.8, the MDC (modify detection code) was optional. Now
it's on by default. Duplicity does a hash of the entire file so the MDC is
duplication of effort. Plus the effort is difficult when maintaining
backwards compatibility. I decided that other development was more
important at this time, so turned off MDC via gpg options and got rid of
the problem. You are still protected by the hash stored in the manifest.
...Thanks,
...Ken
On Tue, Sep 4, 2018 at 5:45 PM Leo Famulari via Duplicity-talk <
address@hidden> wrote:
Hi,
I'm curious about the resolution of bug #1780617 [0],
"test_sigchain_fileobj test fails when GnuPG >= 2.2.8".
The bug was filed in response to a recent change in GnuPG that made gpg
check for integrity errors ("MDC errors") in encrypted archives by
default, and to consider integrity errors to be a hard failure.
This change in GnuPG caused a test failure in Duplicity, and the
response was to unconditionally ignore the result of the integrity
check. [1]
The Duplicity web page says, "Because duplicity uses GnuPG to encrypt
and/or sign these archives, they will be safe from spying and/or
modification by the server."
I don't fully understand the impact of this change on Duplicity, or how
Duplicity stores and authenticates its archives. How does Duplicity
protect against modification of backup archives?
[0] https://bugs.launchpad.net/duplicity/+bug/1780617
[1]
https://bazaar.launchpad.net/~duplicity-team/duplicity/0.8-series/revision/1308
_______________________________________________
Duplicity-talk mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
_______________________________________________
Duplicity-talk mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/duplicity-talk