[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] No secret key required on differential backups
|
From: |
Georg Lutz |
|
Subject: |
Re: [Duplicity-talk] No secret key required on differential backups |
|
Date: |
Sun, 28 Feb 2010 10:00:44 +0100 |
|
User-agent: |
Thunderbird 2.0.0.23 (X11/20090817) |
Lluís Batlle schrieb:
For example, I backup with this:
duplicity --full-if-older-than 7D --encrypt-key (mykeyid) /mysourcedir
file:///mybackupdir
And I verify with this:
duplicity verify --full-if-older-than 7D --encrypt-key (mykeyid)
file:///mybackupdir /mysourcedir
Hi Lluis,
are you 100% sure that e.g. gpg-agent isn't caching the password
somehow? If I use your command line duplicity still exits with a
stacktrace in the GPG section, saying that the decryption failed,
because the secret key is not available, see the attached log file.
If I prepend a "--use-agent" to the duplicity call, then the gpg-agent
windows pops up, asking me for a password.
Ah, in the cache? If I wiped the cache, then the metadata would have
to be decrypted?
Hm. Don't know the implications of removing the metadata.
Regards
Georg
address@hidden:~$ sudo mkdir /mysourcedir
address@hidden:~$ sudo mkdir /mybackdir
address@hidden:~$ sudo chown -R gal:gal /my*
address@hidden:~$ dd if=/dev/urandom of=/mysourcedir/testfile1 count=2
2+0 Datensätze ein
2+0 Datensätze aus
1024 Bytes (1,0 kB) kopiert, 0,000404777 s, 2,5 MB/s
address@hidden:~$
address@hidden:~$ duplicity -v9 --full-if-older-than 7D --encrypt-key B399F3FD
/mysourcedir file:///mybackupdir
Using archive dir: /home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303
Using backup name: 0187d86a5f9ced03f8c73a346fa91303
Import of duplicity.backends.tahoebackend Succeeded
Import of duplicity.backends.ftpbackend Succeeded
Import of duplicity.backends.sshbackend Succeeded
Import of duplicity.backends.cloudfilesbackend Succeeded
Import of duplicity.backends.giobackend Succeeded
Import of duplicity.backends.rsyncbackend Succeeded
Import of duplicity.backends.webdavbackend Succeeded
Import of duplicity.backends.botobackend Succeeded
Import of duplicity.backends.imapbackend Succeeded
Import of duplicity.backends.hsibackend Succeeded
Import of duplicity.backends.localbackend Succeeded
Main action: inc
================================================================================
duplicity 0.6.06 (October 29, 2009)
Args: /usr/local/bin/duplicity -v9 --full-if-older-than 7D --encrypt-key
B399F3FD /mysourcedir file:///mybackupdir
Linux ercws022.erc.lan 2.6.31-17-generic #54-Ubuntu SMP Thu Dec 10 16:20:31 UTC
2009 i686
/usr/bin/python 2.6.4 (r264:75706, Dec 7 2009, 18:45:15)
[GCC 4.4.1]
================================================================================
Using temporary directory /tmp/duplicity-6rVKFe-tempdir
Registering (mkstemp) temporary file
/tmp/duplicity-6rVKFe-tempdir/mkstemp-NeNlwj-1
Temp has 6282305536 available, backup will use approx 34078720.
Local and Remote metadata are synchronized, no sync needed.
0 files exist on backend
0 files exist in cache
Extracting backup chains from list of files: []
Last full backup date: none
Last full backup is too old, forcing full backup
Collection Status
-----------------
Connecting with backend: LocalBackend
Archive dir: /home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303
Found 0 secondary backup chains.
No backup chains with active signatures found
No orphaned or incomplete backup sets found.
Using temporary directory
/home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303/duplicity-X4ZmiN-tempdir
Registering (mktemp) temporary file
/home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303/duplicity-X4ZmiN-tempdir/mktemp-Dr5D9r-1
Using temporary directory
/home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303/duplicity-RSJL45-tempdir
Registering (mktemp) temporary file
/home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303/duplicity-RSJL45-tempdir/mktemp-g4ylNp-1
AsyncScheduler: instantiating at concurrency 0
Registering (mktemp) temporary file
/tmp/duplicity-6rVKFe-tempdir/mktemp-Lud5CJ-2
Selecting /mysourcedir
Comparing () and None
Getting delta of (() /mysourcedir dir) and None
A .
Selecting /mysourcedir/testfile1
Comparing ('testfile1',) and None
Getting delta of (('testfile1',) /mysourcedir/testfile1 reg) and None
A testfile1
Removing still remembered temporary file
/home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303/duplicity-X4ZmiN-tempdir/mktemp-Dr5D9r-1
Cleanup of temporary file
/home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303/duplicity-X4ZmiN-tempdir/mktemp-Dr5D9r-1
failed
Removing still remembered temporary file
/home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303/duplicity-RSJL45-tempdir/mktemp-g4ylNp-1
Cleanup of temporary file
/home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303/duplicity-RSJL45-tempdir/mktemp-g4ylNp-1
failed
AsyncScheduler: running task synchronously (asynchronicity disabled)
Writing /mybackupdir/duplicity-full.20100228T084700Z.vol1.difftar.gpg
Deleting /tmp/duplicity-6rVKFe-tempdir/mktemp-Lud5CJ-2
Forgetting temporary file /tmp/duplicity-6rVKFe-tempdir/mktemp-Lud5CJ-2
AsyncScheduler: task completed successfully
Processed volume 1
Writing /mybackupdir/duplicity-full-signatures.20100228T084700Z.sigtar.gpg
Writing /mybackupdir/duplicity-full.20100228T084700Z.manifest.gpg
3 files exist on backend
2 files exist in cache
Extracting backup chains from list of files:
['duplicity-full.20100228T084700Z.manifest.gpg',
'duplicity-full-signatures.20100228T084700Z.sigtar.gpg',
'duplicity-full.20100228T084700Z.vol1.difftar.gpg']
File duplicity-full.20100228T084700Z.manifest.gpg is not part of a known set;
creating new set
File duplicity-full-signatures.20100228T084700Z.sigtar.gpg is not part of a
known set; creating new set
Ignoring file (rejected by backup set)
'duplicity-full-signatures.20100228T084700Z.sigtar.gpg'
File duplicity-full.20100228T084700Z.vol1.difftar.gpg is part of known set
Found backup chain [Sun Feb 28 09:47:00 2010]-[Sun Feb 28 09:47:00 2010]
--------------[ Backup Statistics ]--------------
StartTime 1267346821.03 (Sun Feb 28 09:47:01 2010)
EndTime 1267346821.10 (Sun Feb 28 09:47:01 2010)
ElapsedTime 0.07 (0.07 seconds)
SourceFiles 2
SourceFileSize 5120 (5.00 KB)
NewFiles 2
NewFileSize 5120 (5.00 KB)
DeletedFiles 0
ChangedFiles 0
ChangedFileSize 0 (0 bytes)
ChangedDeltaSize 0 (0 bytes)
DeltaEntries 2
RawDeltaSize 1024 (1.00 KB)
TotalDestinationSizeChange 1588 (1.55 KB)
Errors 0
-------------------------------------------------
Removing still remembered temporary file
/tmp/duplicity-6rVKFe-tempdir/mkstemp-NeNlwj-1
address@hidden:~$ duplicity -v9 --full-if-older-than 7D --encrypt-key B399F3FD
/mysourcedir file:///mybackupdir
Using archive dir: /home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303
Using backup name: 0187d86a5f9ced03f8c73a346fa91303
Import of duplicity.backends.tahoebackend Succeeded
Import of duplicity.backends.ftpbackend Succeeded
Import of duplicity.backends.sshbackend Succeeded
Import of duplicity.backends.cloudfilesbackend Succeeded
Import of duplicity.backends.giobackend Succeeded
Import of duplicity.backends.rsyncbackend Succeeded
Import of duplicity.backends.webdavbackend Succeeded
Import of duplicity.backends.botobackend Succeeded
Import of duplicity.backends.imapbackend Succeeded
Import of duplicity.backends.hsibackend Succeeded
Import of duplicity.backends.localbackend Succeeded
Main action: inc
================================================================================
duplicity 0.6.06 (October 29, 2009)
Args: /usr/local/bin/duplicity -v9 --full-if-older-than 7D --encrypt-key
B399F3FD /mysourcedir file:///mybackupdir
Linux ercws022.erc.lan 2.6.31-17-generic #54-Ubuntu SMP Thu Dec 10 16:20:31 UTC
2009 i686
/usr/bin/python 2.6.4 (r264:75706, Dec 7 2009, 18:45:15)
[GCC 4.4.1]
================================================================================
Using temporary directory /tmp/duplicity-8IdivR-tempdir
Registering (mkstemp) temporary file
/tmp/duplicity-8IdivR-tempdir/mkstemp-mthCZi-1
Temp has 6282289152 available, backup will use approx 34078720.
Local and Remote metadata are synchronized, no sync needed.
3 files exist on backend
2 files exist in cache
Extracting backup chains from list of files:
['duplicity-full.20100228T084700Z.manifest.gpg',
'duplicity-full-signatures.20100228T084700Z.sigtar.gpg',
'duplicity-full.20100228T084700Z.vol1.difftar.gpg']
File duplicity-full.20100228T084700Z.manifest.gpg is not part of a known set;
creating new set
File duplicity-full-signatures.20100228T084700Z.sigtar.gpg is not part of a
known set; creating new set
Ignoring file (rejected by backup set)
'duplicity-full-signatures.20100228T084700Z.sigtar.gpg'
File duplicity-full.20100228T084700Z.vol1.difftar.gpg is part of known set
Found backup chain [Sun Feb 28 09:47:00 2010]-[Sun Feb 28 09:47:00 2010]
Last full backup date: Sun Feb 28 09:47:00 2010
Collection Status
-----------------
Connecting with backend: LocalBackend
Archive dir: /home/gal/.cache/duplicity/0187d86a5f9ced03f8c73a346fa91303
Found 0 secondary backup chains.
Found primary backup chain with matching signature chain:
-------------------------
Chain start time: Sun Feb 28 09:47:00 2010
Chain end time: Sun Feb 28 09:47:00 2010
Number of contained backup sets: 1
Total number of contained volumes: 1
Type of backup set: Time: Num volumes:
Full Sun Feb 28 09:47:00 2010 1
-------------------------
No orphaned or incomplete backup sets found.
Registering (mktemp) temporary file
/tmp/duplicity-8IdivR-tempdir/mktemp-s50FRz-2
Removing still remembered temporary file
/tmp/duplicity-8IdivR-tempdir/mkstemp-mthCZi-1
Removing still remembered temporary file
/tmp/duplicity-8IdivR-tempdir/mktemp-s50FRz-2
GPG error detail: Traceback (most recent call last):
File "/usr/local/bin/duplicity", line 1236, in <module>
with_tempdir(main)
File "/usr/local/bin/duplicity", line 1229, in with_tempdir
fn()
File "/usr/local/bin/duplicity", line 1210, in main
check_last_manifest(col_stats) # not needed for full backup
File "/usr/local/bin/duplicity", line 970, in check_last_manifest
last_backup_set.check_manifests()
File "/usr/local/lib/python2.6/dist-packages/duplicity/collections.py", line
180, in check_manifests
remote_manifest = self.get_remote_manifest()
File "/usr/local/lib/python2.6/dist-packages/duplicity/collections.py", line
214, in get_remote_manifest
manifest_buffer = self.backend.get_data(self.remote_manifest_name)
File "/usr/local/lib/python2.6/dist-packages/duplicity/backend.py", line 490,
in get_data
assert not fin.close()
File "/usr/local/lib/python2.6/dist-packages/duplicity/dup_temp.py", line
210, in close
assert not self.fileobj.close()
File "/usr/local/lib/python2.6/dist-packages/duplicity/gpg.py", line 201, in
close
self.gpg_failed()
File "/usr/local/lib/python2.6/dist-packages/duplicity/gpg.py", line 168, in
gpg_failed
raise GPGError, msg
GPGError: GPG Failed, see log below:
===== Begin GnuPG log =====
gpg: Entschlüsselung fehlgeschlagen: Geheimer Schlüssel ist nicht vorhanden
===== End GnuPG log =====
GPGError: GPG Failed, see log below:
===== Begin GnuPG log =====
gpg: Entschlüsselung fehlgeschlagen: Geheimer Schlüssel ist nicht vorhanden
===== End GnuPG log =====
Re: [Duplicity-talk] No secret key required on differential backups, Gabriel Ambuehl, 2010/02/28