Re: [Duplicity-talk] Why should i sign my backup

duplicity-talk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] Why should i sign my backup

From:	edgar . soldin
Subject:	Re: [Duplicity-talk] Why should i sign my backup
Date:	Tue, 21 Sep 2010 20:51:11 +0200
User-agent:	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.9) Gecko/20100915 Thunderbird/3.1.4

There was a interesting dialog a while ago on launchpad
https://answers.launchpad.net/duplicity/+question/107216

Maybe this helps to clear up why a signing key might be needed.

..ede/duply.net

On 21.09.2010 20:28, Yves Goergen wrote:

On 21.09.2010 16:26 CE(S)T, Martin Basting wrote:

I am exploring duplicity for a few days now, but is till have one question.
Why should i use the --sign-key command?
The only thing that i can imagine is that you can check the integrity of
the backup.
But does it has any other advantages? Because you have to place a
password in you script i would say that it even is unsecure.


I think you may not trust that signature if *your* server was hacked,
but you could very well trust it if only the backup location was hacked.

Although I believe it is very unlikely that somebody could manipulate
your backup in a reasonable way if it's entirely encrypted again. To
manipulate things, you usually read them and write back small modifications.

[Prev in Thread]

Current Thread

[Next in Thread]

[Duplicity-talk] Why should i sign my backup, Martin Basting, 2010/09/21
- Re: [Duplicity-talk] Why should i sign my backup, Yves Goergen, 2010/09/21
  - Re: [Duplicity-talk] Why should i sign my backup, edgar . soldin <=

Prev by Date: Re: [Duplicity-talk] Why should i sign my backup
Next by Date: Re: [Duplicity-talk] File size listing
Previous by thread: Re: [Duplicity-talk] Why should i sign my backup
Next by thread: [Duplicity-talk] File size listing
Index(es):
- Date
- Thread