Bug#726072: backupninja: does not pass on GPG passphrase to duplicity
Control: tag -1 + upstream
Control: severity -1 wishlist
Control: retitle -1 [duplicity] please support different passphrases for signing and encryption

Hi Dominik,

Dominik George wrote (11 Oct 2013 23:44:46 GMT) :
> When using different encryption and signing keys, the password config
> variable is not passed as PASSPHRASE environment variable, making
> duplicity expect the passphrase on stdin.

I acknowledge this is a limitation of the current implementation. It's documented in example.dup.

FYI backupninja is in maintenance mode: patches are welcome, but don't expect upstream to add new features.

> I think there might be some confusion between signing and encrypting
> anyway, because the config file commentary suggests that a passphrase
> is used for unlocking the encryption key, which is plain nonsense as
> GPG always uses public keys for (message) encryption.

I don't think this to be nonsense. The passphrase that unlocks the encryption key is needed at incremental backup time because duplicity needs to decrypt the metadata of previous backup sets, in order to know what's new to backup.

If you still think it's nonsense while being aware of this, please clarify :)

Cheers,
-- 
intrigeri
 | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
 | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
Bug#726072: backupninja: does not pass on GPG passphrase to duplicity
>> I think there might be some confusion between signing and encrypting
>> anyway, because the config file commentary suggests that a passphrase
>> is used for unlocking the encryption key, which is plain nonsense as
>> GPG always uses public keys for (message) encryption.
>
> I don't think this to be nonsense. The passphrase that unlocks the
> encryption key is needed at incremental backup time because duplicity
> needs to decrypt the metadata of previous backup sets, in order to
> know what's new to backup.
>
> If you still think it's nonsense while being aware of this, please
> clarify :)

I am doing incremental backups without even having the encryption key private part available, I am encrypting backups to my smartcard which the server does not have access to. Works perfectly!

-- 
He who does not honour kale is not worthy of Mettwurst!

PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17 FD26 B79A 3C16 A0C4 F296
Bug#726072: backupninja: does not pass on GPG passphrase to duplicity
Dominik George wrote (12 Oct 2013 08:58:11 GMT) :
> I am doing incremental backups without even having the encryption key
> private part available, I am encrypting backups to my smartcard which
> the server does not have access to. Works perfectly!

I am glad this works fine for you. It wasn't the case before duplicity got itself a local (unencrypted) cache directory, and in my understanding, it just stops working if one cleans up their local cache too harshly.

So surely the example configuration file could be improved a bit, when it comes to why/when the encryption key's passphrase is used.

Anyway, we're digressing wrt. the topic of this bug, and I would happily review a patch adding support for SIGN_PASSPHRASE.

Cheers,
-- 
intrigeri
 | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
 | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
Bug#726072: backupninja: does not pass on GPG passphrase to duplicity
Hi,

> Anyway, we're digressing wrt. the topic of this bug, and I would
> happily review a patch adding support for SIGN_PASSPHRASE.

I think you might have found it already ;).

However, I am absolutely certain this bug is not wishlist. I reset it to normal, although I am tempted to say it is important.

Using different keys for encrypting and signing is a completely supported feature, even included in ninjahelper and all, *and* the package installs a standard crontab file running unattended backups, *and* these two points together break heavily.

-nik

-- 
# apt-assassinate --help
Usage: apt-assassinate [upstream|maintainer] package

PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17 FD26 B79A 3C16 A0C4 F296
Bug#726072: backupninja: does not pass on GPG passphrase to duplicity
Control: severity -1 wishlist

Hi,

> I think you might have found it already ;).

Good.

> However, I am absolutely certain this bug is not wishlist. I reset it
> to normal, although I am tempted to say it is important.

I'm sorry, but that's not your call.

FYI, in my experience, reverting maintainers' decisions on a bug severity, like you did, rarely has a joyful outcome. The right way to do it, I believe, is to explain why you disagree first, instead of reverting the decision you dislike.

> Using different keys for encrypting and signing is a completely
> supported feature, even included in ninjahelper and all,

I do agree that using 2 different keys with the same passphrase is supported. But using 2 different keys with different passphrases is not supported, and has never been:

 * the documentation tries to make it clear that only one (shared)
   passphrase is supported when using 2 different keys;
 * the code doesn't pretend to do otherwise.

So, both with my upstream and Debian maintainer hat, I consider this to be a feature request, for something we have never even attempted to support yet.

Thanks for your attention.

Cheers,
-- 
intrigeri
 | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
 | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
Bug#726072: backupninja: does not pass on GPG passphrase to duplicity
Package: backupninja
Version: 1.0.1-1
Severity: normal

When using different encryption and signing keys, the password config variable is not passed as PASSPHRASE environment variable, making duplicity expect the passphrase on stdin.

This is very annoying because automatic backup runs are not possible, and it is not even shown because all duplicity output is buffered until duplicity exits.

I think there might be some confusion between signing and encrypting anyway, because the config file commentary suggests that a passphrase is used for unlocking the encryption key, which is plain nonsense as GPG always uses public keys for (message) encryption.

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.10-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages backupninja depends on:
ii  bash                    4.2+dfsg-1
ii  dialog                  1.2-20130928-1
ii  gawk                    1:4.0.1+dfsg-2.1
ii  heirloom-mailx [mailx]  12.5-2
ii  mawk                    1.3.3-17

backupninja recommends no packages.

Versions of packages backupninja suggests:
ii  bzip2          1.0.6-5
ii  debconf-utils  1.5.51
ii  duplicity      0.6.22-1
pn  genisoimage    none
ii  hwinfo         16.0-2.2
ii  mdadm          3.2.5-5
ii  rdiff-backup   1.2.8-7
ii  rsync          3.0.9-4
ii  subversion     1.7.9-1+nmu6
pn  trickle        none
pn  wodim          none

-- Configuration Files:
/etc/backupninja.conf changed [not included]
/etc/cron.d/backupninja changed [not included]

-- no debconf information
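
The failure mode reported above (an unattended run blocking on a passphrase prompt) can be avoided by setting both PASSPHRASE and SIGN_PASSPHRASE before duplicity starts and refusing to run when a passphrase is missing. The sketch below is an added example, not code from backupninja or from this thread; `dup_prepare_gpg`, its arguments, `DUP_KEYOPTS`, `DUP_ERROR` and the key IDs are hypothetical, and it assumes no gpg-agent or smartcard supplies the keys.

```shell
#!/bin/sh
# Added example; dup_prepare_gpg and its arguments are hypothetical names,
# not backupninja's handler code. Assumes no gpg-agent holds the keys.

# Args: encryptkey signkey password signpassword ("" = not configured).
# Exports PASSPHRASE / SIGN_PASSPHRASE and sets DUP_KEYOPTS.
# Returns 1 (with DUP_ERROR set) if duplicity would prompt on stdin.
dup_prepare_gpg() {
    enc=$1 sig=$2 pass=$3 sigpass=$4
    unset PASSPHRASE SIGN_PASSPHRASE
    DUP_KEYOPTS='' DUP_ERROR=''

    if [ -z "$enc" ]; then
        DUP_ERROR='no encryption key configured'
        return 1
    fi
    # No separate signing key: sign with the encryption key.
    [ -n "$sig" ] || sig=$enc

    if [ "$sig" = "$enc" ]; then
        # One key, one passphrase: duplicity reuses PASSPHRASE for signing.
        if [ -z "$pass" ]; then
            DUP_ERROR='signing key needs a passphrase'
            return 1
        fi
    else
        # Two keys: set SIGN_PASSPHRASE explicitly rather than rely on reuse.
        # Fall back to the shared password when no separate one is set.
        [ -n "$sigpass" ] || sigpass=$pass
        if [ -z "$sigpass" ]; then
            DUP_ERROR='signing key differs and has no passphrase'
            return 1
        fi
        export SIGN_PASSPHRASE="$sigpass"
    fi
    # Encryption-key passphrase is optional here: per the thread it is only
    # needed when duplicity must decrypt metadata of earlier backup sets.
    if [ -n "$pass" ]; then
        export PASSPHRASE="$pass"
    fi
    DUP_KEYOPTS="--encrypt-key $enc --sign-key $sig"
}

# Constructed sample values; passphrases stay in the environment, not argv.
if dup_prepare_gpg AAAA1111 BBBB2222 enc-secret ''; then
    echo "would run: duplicity $DUP_KEYOPTS <source> <target>"
else
    echo "refusing unattended run: $DUP_ERROR" >&2
fi
```
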