Hi,
I changed my OS to next Ubuntu LTS 18.04.
First trial to use duplicity after some month with images ended
with an error - and I am not sure if the problem fits to the
Duplicity-talk mails below concerning GnuPG MDC errors.
If it is the same problem: Can somebody tell me how to turn off MDC
via gpg options? Or where to get the information?
Anyhow: Would be nice to get any tips.
Thanks alot in advance
Vera
Encryption failed (Code 2).
gpg: WARNUNG: Unsicheres Besitzverhältnis des Home-Verzeichnis
`/home/XXXX/.gnupg'
gpg: "YYYYYYYY" wird als voreingestellter geheimer
Signaturschlüssel benutzt
[GNUPG:] KEY_CONSIDERED ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ A
[GNUPG:] KEY_CONSIDERED CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC B
[GNUPG:] BEGIN_SIGNING H8
[GNUPG:] PINENTRY_LAUNCHED 7172 gnome3:curses 1.1.0 -
xterm-256color :0
gpg: Beglaubigung fehlgeschlagen: Unpassender IOCTL (I/O-Control)
für das Gerät
[GNUPG:] BEGIN_ENCRYPTION 2 9
[GNUPG:] FAILURE sign-encrypt 83918950
gpg: /usr/bin/duply: sign+encrypt failed: Unpassender IOCTL
(I/O-Control) für das Gerät
Hint:
This error means that gpg is probably misconfigured or not working
correctly. The error message above should help to solve the
problem.
However, if for some reason duply should misinterpret the
situation you
can define GPG_TEST='disabled' in the conf file to bypass the
test.
Please do not forget to report the bug in order to resolve the
problem
in future versions of duply.
-------- Weitergeleitete Nachricht --------
Betreff: Re: [Duplicity-talk] Ignoring GnuPG MDC errors
Datum: Wed, 5 Sep 2018 15:42:21 -0500
Von: Kenneth Loafman via Duplicity-talk <address@hidden>
Antwort an: Discussion about duplicity backup
<address@hidden>
An: Discussion about duplicity backup <address@hidden>
Kopie (CC): Kenneth Loafman <address@hidden>
Hi,
Prior to GNUpg 2.2.8, the MDC (modify detection code) was
optional. Now
it's on by default. Duplicity does a hash of the entire file so
the MDC is
duplication of effort. Plus the effort is difficult when maintaining
backwards compatibility. I decided that other development was more
important at this time, so turned off MDC via gpg options and got
rid of
the problem. You are still protected by the hash stored in the
manifest.
...Thanks,
...Ken
On Tue, Sep 4, 2018 at 5:45 PM Leo Famulari via Duplicity-talk <
address@hidden> wrote:
Hi,
I'm curious about the resolution of bug #1780617 [0],
"test_sigchain_fileobj test fails when GnuPG >= 2.2.8".
The bug was filed in response to a recent change in GnuPG that
made gpg
check for integrity errors ("MDC errors") in encrypted archives by
default, and to consider integrity errors to be a hard failure.
This change in GnuPG caused a test failure in Duplicity, and the
response was to unconditionally ignore the result of the integrity
check. [1]
The Duplicity web page says, "Because duplicity uses GnuPG to encrypt
and/or sign these archives, they will be safe from spying and/or
modification by the server."
I don't fully understand the impact of this change on Duplicity,
or how
Duplicity stores and authenticates its archives. How does Duplicity
protect against modification of backup archives?
[0] https://bugs.launchpad.net/duplicity/+bug/1780617
[1]
https://bazaar.launchpad.net/~duplicity-team/duplicity/0.8-series/revision/1308
_______________________________________________
Duplicity-talk mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
_______________________________________________
Duplicity-talk mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/duplicity-talk