Package: duply Version: 1.11-1 Severity: normal I have a setting like this
# -*- shell-script-mode -*- # gpg encryption settings, simple settings: # GPG_KEY='disabled' - disables encryption alltogether # GPG_KEY='<key1>[,<key2>]'; GPG_PW='pass' - encrypt with keys, sign # with key1 if secret key available and use GPG_PW for sign & decrypt # GPG_PW='passphrase' - symmetric encryption using passphrase only #GPG_KEY='_KEY_ID_' #GPG_PW='_GPG_PASSWORD_' # gpg encryption settings in detail (extended settings) # the above settings translate to the following more specific settings # GPG_KEYS_ENC='<keyid1>,[<keyid2>,...]' - list of pubkeys to encrypt to # GPG_KEY_SIGN='<keyid1>|disabled' - a secret key for signing # GPG_PW='<passphrase>' - needed for signing, decryption and symmetric # encryption. If you want to deliver different passphrases for e.g. # several keys or symmetric encryption plus key signing you can use # gpg-agent. Add '--use-agent' to the duplicity parameters below. # also see "A NOTE ON SYMMETRIC ENCRYPTION AND SIGNING" in duplicity manpage # notes on en/decryption # private key and passphrase will only be needed for decryption or signing. # decryption happens on restore and incrementals (compare archdir contents). # for security reasons it makes sense to separate the signing key from the # encryption keys. https://answers.launchpad.net/duplicity/+question/107216 #GPG_KEYS_ENC='<pubkey1>,<pubkey2>,...' #GPG_KEY_SIGN='<prvkey>' GPG_KEYS_ENC=6CB95BE4 GPG_KEY_SIGN='disabled' # set if signing key passphrase differs from encryption (key) passphrase # NOTE: available since duplicity 0.6.14, translates to SIGN_PASSPHRASE #GPG_PW_SIGN='<signpass>' # gpg options passed from duplicity to gpg process (default='') # e.g. "--trust-model pgp|classic|direct|always" # or "--compress-algo=bzip2 --bzip2-compress-level=9" # or "--personal-cipher-preferences AES256,AES192,AES..." #GPG_OPTS='' # disable preliminary tests with the following setting GPG_TEST='disabled' which is meant to encrypt backups without password, and ask for password for decrypting. However since upgrade to 1.11, no operation is possible because of this lack of password. I do want to encrypt backup, and I do not want to write the decryption password anywhere. Is there a new way to achieve this ? (even the status command fails because of no password). -- System Information: Debian Release: 8.2 APT prefers proposed-updates APT policy: (700, 'proposed-updates'), (600, 'stable'), (500, 'stable-updates'), (400, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.2.0-0.bpo.1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages duply depends on: ii duplicity 0.7.05-2 ii gnupg 1.4.18-7 duply recommends no packages. Versions of packages duply suggests: ii openssh-client 1:6.7p1-5 -- no debconf information
