Merge lp:~mturquette/duplicity/duplicity into lp:~duplicity-team/duplicity/0.7-series
Status: | Rejected |
---|---|
Rejected by: | Kenneth Loafman |
Proposed branch: | lp:~mturquette/duplicity/duplicity |
Merge into: | lp:~duplicity-team/duplicity/0.7-series |
Diff against target: |
38 lines (+14/-12) 1 file modified
bin/duplicity (+14/-12) |
To merge this branch: | bzr merge lp:~mturquette/duplicity/duplicity |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Kenneth Loafman | Disapprove | ||
edso | Needs Fixing | ||
Review via email: mp+232153@code.launchpad.net |
Description of the change
I ran into a problem while using duplicity on my laptop, where I store my public gpg key, but not my private key. This is because my laptop may be stolen, lost or otherwise detained.
I still want to encrypt backups, which I can do sufficiently with a public key and Duplicity does this just fine. But things fall apart when Duplicity tries to decrypt the first volume of the backup in validate_
To handle this case I have introduced the --no-secret-key option, which was first proposed on the list in 2010:
http://
This option simply skips the encryption settings validation if set. The responsibility is on the user to periodically sanity check backups.
Unmerged revisions
- 990. By Michael Turquette
-
Introduce --no-secret-key option for the purpose of encrypting backups
with only a public key. Without this change duplicity begins a backup,
but then fails subsequent backups while trying to decrypt the first
volume. This scheme is most useful for laptops and other mobile devices
where the user does not wish to keep the secret key on disk.This concept was first published to the list in 2010:
http://article. gmane.org/ gmane.comp. sysutils. backup. duplicity. general/ 4299 Signed-off-by: Mike Turquette <email address hidden>
On 26.08.2014 03:28, Mike Turquette wrote: /code.launchpad .net/~mturquett e/duplicity/ duplicity/ +merge/ 232153 encryption_ settings( ) and fails on my laptop due to the lack of private key. article. gmane.org/ gmane.comp. sysutils. backup. duplicity. general/ 4299
> Mike Turquette has proposed merging lp:~mturquette/duplicity/duplicity into lp:duplicity.
>
> Requested reviews:
> duplicity-team (duplicity-team)
>
> For more details, see:
> https:/
>
> I ran into a problem while using duplicity on my laptop, where I store my public gpg key, but not my private key. This is because my laptop may be stolen, lost or otherwise detained.
>
> I still want to encrypt backups, which I can do sufficiently with a public key and Duplicity does this just fine. But things fall apart when Duplicity tries to decrypt the first volume of the backup in validate_
>
> To handle this case I have introduced the --no-secret-key option, which was first proposed on the list in 2010:
> http://
if you read the thread more thorough you'll see that the switch was meant for a totally different point in the code. the sanity decode routine was not introduced at that time.
>
> This option simply skips the encryption settings validation if set. The responsibility is on the user to periodically sanity check backups.
>
it also seems to disable the "was backup (un)encrypted before and is still check" in line 330
so i see these problems:
- collections.py must be patched as well, as drafted in the ml thread above encryption_ settings( )
- the manpage bin/duplicity.1 has to be updated with a proper explanation of the parameter and it's dangers
- only disable the decryption trial in validate_
make sure that you deliver a patch for lp:duplicity , which is the new current developing branch for an upcoming duplicity 0.7
..ede/duply.net