Duplicity

Shows error message "Volume was signed by key XXXXXXXXXXXXXXXX, not XXXXXXXX"

Bug #1714663 reported by Valentin Stoykov
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Duplicity
Fix Released
Medium
Unassigned
Duplicity 0.7.15

Bug Description

Example:

valentin@computer:~/tmp$ duplicity --encrypt-sign-key 0CED0054 data file:///tmp/backup
Local and Remote metadata are synchronized, no sync needed.
Last full backup date: none
GnuPG passphrase:
GnuPG passphrase for signing key:
No signatures found, switching to full backup.
--------------[ Backup Statistics ]--------------
StartTime 1504351535.91 (Sat Sep 2 14:25:35 2017)
EndTime 1504351536.11 (Sat Sep 2 14:25:36 2017)
ElapsedTime 0.20 (0.20 seconds)
SourceFiles 5
SourceFileSize 2202713 (2.10 MB)
NewFiles 5
NewFileSize 2202713 (2.10 MB)
DeletedFiles 0
ChangedFiles 0
ChangedFileSize 0 (0 bytes)
ChangedDeltaSize 0 (0 bytes)
DeltaEntries 5
RawDeltaSize 2202707 (2.10 MB)
TotalDestinationSizeChange 2207511 (2.11 MB)
Errors 0
-------------------------------------------------

valentin@computer:~/tmp$ mv data data.2
valentin@computer:~/tmp$ mkdir data
valentin@computer:~/tmp$ duplicity --encrypt-sign-key 0CED0054 file:///tmp/backup data
Local and Remote metadata are synchronized, no sync needed.
Last full backup date: Sat Sep 2 14:25:32 2017
GnuPG passphrase:
Volume was signed by key FC7C18370CED0054, not 0CED0054
valentin@computer:~/tmp$

Another example:

valentin@computer:~/tmp$ duplicity --encrypt-sign-key 0CED0054 verify file:///tmp/backup data --compare-data
Local and Remote metadata are synchronized, no sync needed.
Last full backup date: Sat Sep 2 14:25:32 2017
GnuPG passphrase:
Difference found: File . has mtime Sat Sep 2 14:25:53 2017, expected Sat Sep 2 14:03:07 2017
Volume was signed by key FC7C18370CED0054, not 0CED0054
valentin@computer:~/tmp$

It is not clear that the duplicity is actually verifying signatures with the same key (FC7C18370CED0054 is just a long name of the same key - 0CED0054) or giving up on this.

The user is not informed properly what duplicity is doing when it encounter this error.

Also, this can be prevented by using the full fingerprint of the key (when user enter the short name the duplicity can find the long fingerprint and use it).

Software version:

valentin@computer:~$ duplicity --version
duplicity 0.7.14
valentin@computer:~$ cat /proc/version
Linux version 4.4.0-93-generic (buildd@lgw01-03) (gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.4) ) #116-Ubuntu SMP Fri Aug 11 21:17:51 UTC 2017
valentin@computer:~$ cat /etc/os-release
NAME="Ubuntu"
VERSION="16.04.3 LTS (Xenial Xerus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 16.04.3 LTS"
VERSION_ID="16.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
VERSION_CODENAME=xenial
UBUNTU_CODENAME=xenial
valentin@computer:~$ python --version
Python 2.7.12
valentin@computer:~$

See original description
Valentin Stoykov (vstoykovbg)
description: updated
Kenneth Loafman (kenneth-loafman)
Changed in duplicity:
importance: Undecided → Medium
milestone: none → 0.7.15
status: New → Fix Committed
Kenneth Loafman (kenneth-loafman)
Changed in duplicity:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.