duplicity-talk
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] a question on duplicity and gpg

From: Giuliano Franchetti
Subject: Re: [Duplicity-talk] a question on duplicity and gpg
Date: Fri, 20 Nov 2020 13:27:33 +0100
Hi Edgar, 


this is my gpg version 

gpg (GnuPG) 2.2.24
libgcrypt 1.8.6
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /Users/giuliano/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

and this is the duplicity version 

duplicity 0.7.18.1


Giuliano




On 20. Nov 2020, at 11:32, edgar.soldin--- via Duplicity-talk <duplicity-talk@nongnu.org> wrote:

hey Giuliano,

On 11/20/2020 9:36, Giuliano Franchetti via Duplicity-talk wrote:
Hello to all, 

after installing duplicity I find a new behaviour of gpg. 

which duplicity, gpg versions?

that's not exactly caused by duplicity. gpg2 uses gpg-agent by default for all password related stuff. duplicity enables '--pinentry-mode=loopback' for it's gpg calls to prevent that.

you can research gpg documentation to find out how to disable gpg-agent or set a very short password caching time (ttl).

I have in my computer several files that I have gpg-encrypted and for accessing them 
I had to give a passphrase. 

After installing duplicity suddenly to access the files gpg encrypted it is not 
necessary a passphrase anymore. It seems that duplicity activate a gpg-agent that 
read the passphrase to automatize duplicity. At the moment I use duplicity with 
symmetric encryption because I save a backup in a disk in my home. 

This behaviour of gpg  makes all the files I had unsafe as anybody entering in my computer 
can open any gpg encrypted file. Is it possible to use duplicity, but not having this effect?


you shouldn't leave your system unlocked then :). but yeah, obviously not what you intended.

it's possible that you have a special combination of duplicity/gpg2 installed that does not disable gpg-agent properly, but i need to know which versions you are running.
it's also possible that gpg-agent is running from your manual gpg calls because written that's the new default gpg2 behaviour.

..ede/duply.net

_______________________________________________
Duplicity-talk mailing list
Duplicity-talk@nongnu.org
https://lists.nongnu.org/mailman/listinfo/duplicity-talk


_

Giuliano Franchetti

Storage Rings/ Accelerator Operations

Office:         C26 1.019
phone:       +49 6159 71 1535
fax:             +49 6159 71 3099
e-mail:        G.Franchetti@gsi.de
http://web-docs.gsi.de/~giuliano 

GSI Helmholtzzentrum für Schwerionenforschung GmbH
Planckstraße 1, 64291 Darmstadt, Germany, www.gsi.de

Commercial Register / Handelsregister: Amtsgericht Darmstadt, HRB 1528
Managing Directors / Geschäftsführung:
Professor Dr. Paolo Giubellino, Dr. Ulrich Breuer, Jörg Blaurock
Chairman of the Supervisory Board / Vorsitzender des GSI-Aufsichtsrats:
State Secretary / Staatssekretär Dr. Georg Schütte

Commercial Register / Handelsregister: Amtsgericht Darmstadt, HRB 1528
Managing Directors / Geschäftsführung:
Professor Dr. Paolo Giubellino, Ursula Weyrich, Jörg Blaurock
Chairman of the Supervisory Board / Vorsitzender des GSI-Aufsichtsrats:
Ministerialdirigent Dr. Volkmar Dietz




reply via email to
[Prev in Thread] Current Thread [Next in Thread]