Re: [Duplicity-talk] Re: gpg "no public key", but only when run from cron

[Colin Ryan]

Steve Madsen wrote:
> On Dec 1, 2008, Jon wrote:
> > I had the same issue and while I am sure there is a better way, I solved
> > it by beginning my scripts with
> >
> > # Export the PASSPHRASE variable because cron can't read it
> > # for some reason
> > export PASSPHRASE=MYPASSPHRASE
>
>
> I don't think this is the problem.  I've had the PASSPHRASE in the 
> script since the beginning and it never prompts me for it during an 
> interactive run.  I don't use GPG for anything else and am not running 
> an agent, so it has to get the passphrase either from the tty or the 
> environment.
>
> Do most people generate their keys as root or as a regular user?  I 
> generated mine as a regular user, then imported both the public and 
> private keys into root's keychain.  Another problem, since resolved, 
> was making the key trusted so GPG would use it.
You might try using the --gpg-options duplicity switch to the send gpg 
some of it's native directives, specifically the --default-key directive.

e.g. duplicity <stuff>  --gpg-options='--default-key=<KEY HEX>'


I've found that unless the first private key in the key-chain in 
question is the key for the key-set that you want to use for Duplicity 
(which it isn't by definition if you've imported external keys into a 
keychain as the keychains first key is it's own) that I had to use the 
above technique to tell GPG which key set I intend duplicity to use.

Also be sure that you've signed the imported keys with the keychain's 
own key.


Hope this helps

Colin