[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] wrong passphrase with archive-dir?
From: |
Richard Scott |
Subject: |
Re: [Duplicity-talk] wrong passphrase with archive-dir? |
Date: |
Sun, 16 Nov 2008 12:16:50 -0000 (UTC) |
User-agent: |
SquirrelMail/1.5.1 |
Hiya,
I've not had that happen so far, but then again I use the PASSPHRASE
environment variable to set
my password as I normally backup from a script. I do however use the
--archive-dir option each and
every time I backup or restore something.
Perhaps duplicity could encrypt something that is kept locally in the
archive-dir and test-decrypt
it before an incremental is started? If the test data is decrypted ok then the
password is fine,
otherwise prompt again for a password?
Obviously this test wouldn't be required for a full backup as you would be
setting the password
for that chain at this time. Also, if your backing up via a script and the
PASSPHRASE variable is
set then there would be no need to test if the password is ok or to prompt for
a password as
nobody would see the prompt?
Does anybody have any other ideas on this?
Rich.
> I might be missing something here, but this seems to have happened to me:
> When doing an incremental backup using an existing local --archive-dir,
> duplicity will prompt you for the passphrase once. It will then use it to
> encrypt the updates, but
> never to decrypt anything. Therefore, if you specify the wrong passphase, it
> won't be caught and
> the resulting backup will be corrupted ("GnuPG exited non-zero, with code
> 131072" (also, shouldn't
> that be e >> 8)). Could duplicity perhaps prompt twice in this situation or
> somehow verify one
> file (currently if I delete one manifest from the local archive-dir it forces
> it to download and
> check it, but this is not ideal)?
>
> :-Dylan