gpg key password asked for backup after verify


Hi,

I had encrypted backups working fine for weeks on a server. As the encryption uses the public key, it doesn't ask for a password.

Then I did a duplicity verify, which requires the gpg private key, and asks for a password.
The verify went fine, but since then the gpg key password is also asked for backups, preventing the automation.... I'm nearly sure this is linked

I have removed the duplicity cache in ~/.cache/duplicity, but to no avail....

Any suggestion?

Thanks

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk

Re: gpg key password asked for backup after verify

On 24.05.2017 11:28, Raphael Bauduin via Duplicity-talk wrote:

> Hi,
>
> I had encrypted backups working fine for weeks on a server. As the encryption uses the public key, it doesn't ask for a password.
>
> Then I did a duplicity verify, which requires the gpg private key, and asks for a password.
> The verify went fine, but since then the gpg key password is also asked for backups, preventing the automation.... I'm nearly sure this is linked
>
> I have removed the duplicity cache in ~/.cache/duplicity, but to no avail....
>
> Any suggestion?
>

1.
are you using duply?

2.
what is your backup command line?

3.
what's the language locale of your os?

..ede/duply.net


Re: gpg key password asked for backup after verify



On Wed, May 24, 2017 at 12:19 PM, edgar.soldin--- via Duplicity-talk <[hidden email]> wrote:
> On 24.05.2017 11:28, Raphael Bauduin via Duplicity-talk wrote:
> Hi,
>
> I had encrypted backups working fine for weeks on a server. As the encryption uses the public key, it doesn't ask for a password.
>
> Then I did a duplicity verify, which requires the gpg private key, and asks for a password.
> The verify went fine, but since then the gpg key password is also asked for backups, preventing the automation.... I'm nearly sure this is linked
>
> I have removed the duplicity cache in ~/.cache/duplicity, but to no avail....
>
> Any suggestion?
>

> 1.
> are you using duply?

no
 

> 2.
> what is your backup command line?

 LC_ALL=en_US /bin/duplicity   inc --encrypt-key 'XXXX' --exclude /root/.cache/duplicity --exclude  /home/backups --exclude /home/restore --exclude /backups  --include /home/sftp --include /etc --include /home --include /root --exclude '**' / par2+rsync://rsync/duplicity/   --verbosity debug

 

> 3.
> what's the language locale of your os?

I'm forcing it to en_US, which worked fine.

Investigating further, I think I might have deleted the cache before I did the verify. So not sure which one causes what.
I took a look at the code. Here is the code in question asking for the password when the cache was empty, where I added a print:
            if local_missing and (rem_needpass or loc_needpass):
                if decrypt:
                    # password for the --encrypt-key
                    print "local_missing = %s,--  %s, -- %s" % (local_missing, rem_needpass, loc_needpass)
                    globals.gpg_profile.passphrase = get_passphrase(1, "sync")

local_missing was a set of .sigtar.gpg files, rem_needpass was True and loc_needpass was False.

Now I have done a backup manually (providing the key password), I have the else clause below asking for the password although the action is inc:

    elif (action == "inc" and
          (globals.gpg_profile.recipients or globals.gpg_profile.hidden_recipients) and not
          globals.gpg_profile.sign_key and not globals.restart):
        return ""

    # Finally, ask the user for the passphrase
    else:
        print "action = %s" % action
        log.Info(_("PASSPHRASE variable not set, asking user."))
        use_cache = True


globals.gpg_profile.recipients is my encryption key id, globals.gpg_profile.sign_key is None, but globals.restart= <__main__.Restart instance at 0x13a8518>

So it seems that the globals.restart is set and makes the code skip the action == "inc" part.

Any idea what the problem might be?

Thanks

 




--
Web database: http://www.myowndb.com
Free Software Developers Meeting: http://www.fosdem.org


Re: gpg key password asked for backup after verify

On 24.05.2017 13:17, Raphael Bauduin wrote:

> [...]
> globals.gpg_profile.recipients is my encryption key id, globals.gpg_profile.sign_key is None, but globals.restart= <__main__.Restart instance at 0x13a8518>
>
> So it seems that the globals.restart is set and makes the code skip the action == "inc" part.
>
> Any idea what the problem might be?
>
> Thanks
>

ok, your backup is restarting. restarting _needs_ to decode some information from the backend, which can only be done w/ priv key and passphrase.

what you ran into here is essentially the reason, why



Re: gpg key password asked for backup after verify

whoops, hit send too fast. read on below.

On 24.05.2017 13:17, Raphael Bauduin wrote:

> [...]
> globals.gpg_profile.recipients is my encryption key id, globals.gpg_profile.sign_key is None, but globals.restart= <__main__.Restart instance at 0x13a8518>
>
> So it seems that the globals.restart is set and makes the code skip the action == "inc" part.
>
> Any idea what the problem might be?
>
> Thanks
>

ok, your backup is restarting. restarting happens when a backup was interrupted. restarting _needs_ to decrypt some information from the backend, which can only be done w/ priv key and passphrase of course.

what you ran into here is essentially this bug
  https://bugs.launchpad.net/duplicity/+bug/687295

consider using two key pairs in the future. duplicity using gpg can encrypt to multiple keys. place

A. a sec/pub key for the box
B. your own pub key

in your keyring. then backup against both keys and optionally use the machine key to sign your backups. this way the box can decrypt when needed w/o needing your very secret personal private key.

..ede/duply.net


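The two-key layout suggested above, as an added example (not code from this thread or from the duplicity project): the backup host gets its own unprotected GnuPG key pair, every volume is encrypted to both that machine key and the operator's personal public key, and the machine key does the signing. Archive sync, a restart after an interrupted run and verify then only ever need the machine key, so the personal private key never has to be on the box. The keyring path, the key user-id, the backend URL and the script name are placeholders, and it is an assumption of this example that an empty PASSPHRASE is accepted for an unprotected signing key (if not, run gpg-agent and pass --use-agent instead).

```shell
#!/bin/sh
# Added example, not code from the thread or from the duplicity project:
# two-key duplicity setup. The host gets an unprotected key pair (it already
# holds the plaintext it backs up, so a passphrase on this key protects
# nothing), backups are encrypted to both keys and signed by the machine key.
# Placeholders / assumptions: BACKUP_GNUPGHOME, the user-id, BACKEND_URL, and
# that PASSPHRASE="" is accepted for an unprotected signing key.

set -u

BACKUP_GNUPGHOME="${BACKUP_GNUPGHOME:-/root/.gnupg-duplicity}"
BACKEND_URL="${BACKEND_URL:-par2+rsync://rsync/duplicity/}"

# GnuPG unattended key-generation parameter file. %no-protection leaves the
# secret key without a passphrase so cron jobs never see a pinentry prompt.
gpg_batch_params() {
    name="$1"; email="$2"
    cat <<EOF
Key-Type: RSA
Key-Length: 4096
Key-Usage: sign,encrypt
Name-Real: $name
Name-Email: $email
Expire-Date: 0
%no-protection
%commit
EOF
}

# Create the machine key pair in a dedicated root-only keyring and print its
# fingerprint so the backup job can pin it instead of a short key id.
gen_machine_key() {
    mkdir -p "$BACKUP_GNUPGHOME"
    chmod 700 "$BACKUP_GNUPGHOME"
    gpg_batch_params "$1" "$2" | gpg --homedir "$BACKUP_GNUPGHOME" --batch --gen-key
    gpg --homedir "$BACKUP_GNUPGHOME" --batch --with-colons --list-secret-keys "$2" \
        | awk -F: '$1 == "fpr" { print $10; exit }'
}

# Import only the operator's PUBLIC key. Abort if the export file also carried
# secret key material: the personal private key must never land on the host.
import_personal_pubkey() {
    before=$(gpg --homedir "$BACKUP_GNUPGHOME" --batch --with-colons --list-secret-keys | grep -c '^sec:' || true)
    gpg --homedir "$BACKUP_GNUPGHOME" --batch --import "$1"
    after=$(gpg --homedir "$BACKUP_GNUPGHOME" --batch --with-colons --list-secret-keys | grep -c '^sec:' || true)
    if [ "$after" -ne "$before" ]; then
        echo "refusing: $1 contained secret key material" >&2
        return 1
    fi
}

# Key options for every run: encrypt to both keys, sign with the machine key.
# One option per line so callers can word-split the result safely.
duplicity_key_opts() {
    machine_fpr="$1"; personal_fpr="$2"
    printf '%s\n' \
        --encrypt-key "$machine_fpr" \
        --encrypt-key "$personal_fpr" \
        --sign-key "$machine_fpr"
}

# Incremental backup that never prompts, restart path included: the machine
# key has no passphrase and PASSPHRASE="" stops duplicity from asking for one.
run_backup() {
    machine_fpr="$1"; personal_fpr="$2"; shift 2
    # Fingerprints are plain hex, so word-splitting the generated options is safe.
    set -- $(duplicity_key_opts "$machine_fpr" "$personal_fpr") "$@"
    GNUPGHOME="$BACKUP_GNUPGHOME" PASSPHRASE="" \
        duplicity inc "$@" / "$BACKEND_URL"
}

# verify decrypts the remote manifests/signatures with the machine key: no prompt.
verify_backup() {
    GNUPGHOME="$BACKUP_GNUPGHOME" PASSPHRASE="" \
        duplicity verify "$BACKEND_URL" /
}

# Dispatcher (hypothetical usage; does nothing when run without arguments):
#   two_key_backup.sh setup  personal-pub.asc                  -> prints machine fingerprint
#   two_key_backup.sh backup MACHINE_FPR PERSONAL_FPR --include /etc --exclude '**'
#   two_key_backup.sh verify
case "${1:-}" in
    setup)  fpr=$(gen_machine_key "duplicity backup" "backup@host.example")
            import_personal_pubkey "$2"
            echo "$fpr" ;;
    backup) shift; run_backup "$@" ;;
    verify) verify_backup ;;
esac
```

A restore on a machine that is not the backup host works with the personal secret key alone, since every volume was encrypted to it as well; the machine key only has to exist where the unattended job runs. Treat the host keyring like the rest of the box: whoever has root there can already read the source data, which is the point made above about the box's access to the backend.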

Re: gpg key password asked for backup after verify

Raph,

On 24.05.2017 16:14, Raphael Bauduin wrote:
> Just confirm that's what I had. Making a full successful backup makes it run fine without password prompt on subsequent runs.
>
> Thanks a lot for your help!

n.P. still i'd advise you to not run duplicity the way you are running it. that way (silent ignore of archive synching) you risk running into an inconsistent backup (duplicity writing wrong incrementals).

also, prohibiting the machine that has full access to the backup data and backup backend from restoring the backup does not make anything safer. if you are worried about your private key, create a machine key pair.

..ede/duply.net


Re: gpg key password asked for backup after verify



On Wed, May 24, 2017 at 4:27 PM, <[hidden email]> wrote:
Raph,

> On 24.05.2017 16:14, Raphael Bauduin wrote:
> Just confirm that's what I had. Making a full successful backup makes it run fine without password prompt on subsequent runs.
>
> Thanks a lot for your help!

> n.P. still i'd advise you to not run duplicity the way you are running it. that way (silent ignore of archive synching) you risk running into an inconsistent backup (duplicity writing wrong incrementals).
>
> also, prohibiting the machine that has full access to the backup data and backup backend from restoring the backup does not make anything safer. if you are worried about your private key, create a machine key pair.

Yes, I will do that, thanks for that solution
 
