[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Duplicity-talk] decryption failed: secret key not available after purgi
|
From: |
Patrick Allemann |
|
Subject: |
[Duplicity-talk] decryption failed: secret key not available after purging .cache |
|
Date: |
Tue, 07 Dec 2010 15:55:10 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.12) Gecko/20101027 Thunderbird/3.1.6 |
Hi all,
I am currently running daily backups without any problems for a couple
of months and I wanted to test what would happen if I would lose the host.
Setup is:
duply version 1.5.4
and
duplicity 0.6.10
I was able to reproduce this on two different machines:
The Backup is OK (output cropped)
/bin/duply sys_duply status
================================================================================
duplicity 0.6.10 (September 19, 2010)
Args: /usr/bin/duplicity collection-status --name duply_sys_duply
--encrypt-key 33A19F7C --sign-key 33A19F7C --verbosity 6
--full-if-older-than 1M --asynchronous-upload --allow-source-mismatch
--ssh-askpass scp://address@hidden/sysbackup/sys_duply
Linux sn72685 2.6.26-2-amd64 #1 SMP Thu Sep 16 15:56:38 UTC 2010 x86_64
/usr/bin/python 2.5.2 (r252:60911, Jan 24 2010, 17:44:40)
Chain start time: Tue Dec 7 15:23:25 2010
Chain end time: Tue Dec 7 15:23:25 2010
Number of contained backup sets: 1
Total number of contained volumes: 1
Type of backup set: Time: Num volumes:
Full Tue Dec 7 15:23:25 2010 1
-------------------------
No orphaned or incomplete backup sets found.
Using temporary directory /tmp/duplicity-KRgS5F-tempdir
--- Finished state OK at 15:43:32.320 - Runtime 00:00:13.383 ---
Now in order to have duplicity re-download the manifests I move away the
.cache/duplicity/duply_sys_duply directory. The .duply-directories, the
GPG-Keys - everything is left untouched.
~/.cache/duplicity# mv duply_sys_duply/ duply_sys_duply_bkup
When I re-run the command:
/bin/duply sys_duply status
duplicity 0.6.10 (September 19, 2010)
Args: /usr/bin/duplicity collection-status --name duply_sys_duply
--encrypt-key 33A19F7C --sign-key 33A19F7C --verbosity 6
--full-if-older-than 1M --asynchronous-upload --allow-source-mismatch
--ssh-askpass scp://address@hidden/sysbackup/sys_duply
Linux sn72685 2.6.26-2-amd64 #1 SMP Thu Sep 16 15:56:38 UTC 2010 x86_64
/usr/bin/python 2.5.2 (r252:60911, Jan 24 2010, 17:44:40)
[GCC 4.3.2]
================================================================================
Running 'sftp -oServerAliveInterval=15 -oServerAliveCountMax=2
address@hidden' (attempt #1)
sftp command: 'mkdir "sysbackup/sys_duply"'
sftp command: 'cd "sysbackup/sys_duply"'
sftp command: 'ls -1'
Synchronizing remote metadata to local cache...
Copying duplicity-full-signatures.20101115T120220Z.sigtar to local cache.
Using temporary directory /tmp/duplicity-nQJNG3-tempdir
Running 'sftp -oServerAliveInterval=15 -oServerAliveCountMax=2
address@hidden' (attempt #1)
sftp command: 'get
"sysbackup/sys_duply/duplicity-full-signatures.20101115T120220Z.sigtar.gpg"
"/tmp/duplicity-nQJNG3-tempdir/mktemp--c4cGb-1"'
GPG error detail: Traceback (most recent call last):
File "/usr/bin/duplicity", line 1245, in <module>
with_tempdir(main)
File "/usr/bin/duplicity", line 1238, in with_tempdir
fn()
File "/usr/bin/duplicity", line 1139, in main
sync_archive()
File "/usr/bin/duplicity", line 953, in sync_archive
copy_to_local(fn)
File "/usr/bin/duplicity", line 913, in copy_to_local
size=sys.maxint)
File "/usr/lib/python2.5/site-packages/duplicity/gpg.py", line 331,
in GzipWriteFile
new_block = block_iter.next(min(128*1024, bytes_to_go))
File "/usr/bin/duplicity", line 894, in next
self.fileobj.close()
File "/usr/lib/python2.5/site-packages/duplicity/dup_temp.py", line
210, in close
assert not self.fileobj.close()
File "/usr/lib/python2.5/site-packages/duplicity/gpg.py", line 198,
in close
self.gpg_failed()
File "/usr/lib/python2.5/site-packages/duplicity/gpg.py", line 165,
in gpg_failed
raise GPGError, msg
GPGError: GPG Failed, see log below:
===== Begin GnuPG log =====
gpg: encrypted with ELG-E key, ID 569CEC70
gpg: decryption failed: secret key not available
===== End GnuPG log =====
GPGError: GPG Failed, see log below:
===== Begin GnuPG log =====
gpg: encrypted with ELG-E key, ID 569CEC70
gpg: decryption failed: secret key not available
===== End GnuPG log =====
15:48:06.381 Task 'STATUS' failed with exit code '31'.
--- Finished state FAILED 'code 31' at 15:48:06.381 - Runtime
00:00:10.960 ---
The directory in cache/duplicity is being created - if I move everything
back - no problem running the command.
The key mentioned in the GPG-error is completely unknown to me...
/root/.gnupg/secring.gpg
------------------------
sec 1024D/33A19F7C 2010-11-25
uid patricks secret key
ssb 1024g/34F60720 2010-11-25
also: ~/.duply/sys_duply# ls
conf exclude gpgkey.33A19F7C.pub.asc gpgkey.33A19F7C.sec.asc
The expected behavior would be that duplicity re-downloads the manifests
if missing on the local cache. I am not quite sure what I could have
done to mess up the thing.
Thank you for your help
Regards
Patrick
- [Duplicity-talk] decryption failed: secret key not available after purging .cache,
Patrick Allemann <=