Re: [Duplicity-talk] Re: How to run duplicity with a Cron Job

[Mathias de Riese]

Hi,

since several people are constantly bugging me, i finally find the time
to publish my patch to duplicity which enables public key encryption...

I didnt look into it for a long time. A daily incremental backup is
still running and seems to be happy for quite some time now. I'm not too
happy that it only does incremental and never a full backup. If anyone
has any ideas how to solve that, let me know.

The patch is attached. It is the debianizing patch. Just delete the last
few lines if you dont need it.

On the client I use something like

---------------------------------------------------------------------
#!/bin/sh
export PASSPHRASE=""
duplicity -v 4 --archive-dir /some/local/dir/ --encrypt-key XXXXXXXX \
               --sign-key XXXXXXXX --include /home --exclude '**' / \
               scp://address@hidden/backup/dir
----------------------------------------------------------------------

Under /root/.ssh/id_rsa there is a private key without passphrase.
Therefore we dont want to trust it too much.

And on the 'bckhost' I have a restricted shell installed for the user
'bckusr'. It is not set in the authorized_keys file but in /etc/passwd.
It only allows exactly those commands which duplicity uses via ssh for
writing the incremental backups. Since its not too smart i am reluctant
to publish it.

Have fun,
Mathias


--

Dr. Mathias de Riese
 - IT -
Deutsches Elektronen-Synchrotron DESY
Notkestrasse 85
D-22607 Hamburg

Tel: +49 40 8998 4122
Fax: +49 40 8994 4122
Eml: address@hidden

duplicity_0.4.1-2patch.diff.gz
Description: Unix tar archive

smime.p7s
Description: S/MIME Cryptographic Signature