duplicity-talk

Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before


From: Chris Poole
Subject: Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?
Date: Thu, 14 Jul 2011 11:19:48 +0100

On Thu, Jul 14, 2011 at 9:38 AM,  <address@hidden> wrote:
> On 13.07.2011 17:53, Chris Poole wrote:
>> (Thus, it's very important to sign
>> backups being stored in untrusted locations.)
>
> It is provided the public key used is published somewhere or in other ways 
> available to a possible attacker. If you create a keypair just for your 
> backup and keep it on the backup machine and in your secure storage (for 
> restoring) you don't necessarily need it.
>
> On the other hand, currently duplicity needs a private key to work reliably,
> so signing to it does no harm and can be seen as an extra lock for an
> intruder to pick. See http://bugs.launchpad.net/duplicity/+bug/687295

Thanks. I'm going to get used to signing my backups. I don't use cron
to do them for me anyway.

What I find annoying is that Duplicity asks me for my passphrase (when
doing an incremental backup) 3 times. Surely once is enough, to
decrypt my private key? (Using the same Key ID to encrypt and sign my
backup.)


