[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before
From: |
Chris Poole |
Subject: |
Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore? |
Date: |
Thu, 14 Jul 2011 11:19:48 +0100 |
On Thu, Jul 14, 2011 at 9:38 AM, <address@hidden> wrote:
> On 13.07.2011 17:53, Chris Poole wrote:
>> (Thus, it's very important to sign
>> backups being stored in untrusted locations.)
>
> It is provided the public key used is published somewhere or in other ways
> available to a possible attacker. If you create a keypair just for your
> backup and keep it on the backup machine and in your secure storage (for
> restoring) you don't necessarily need it.
>
> On the other hand. Currently duplicity needs a private key to work reliably,
> so signing to it does no harm and can be seen as an extra lock for an
> intruder to pick. see http://bugs.launchpad.net/duplicity/+bug/687295
Thanks. I'm going to get used to signing my backups. I don't use cron
to do them for me anyway.
What I find annoying is that Duplicity asks me for my passphrase (when
doing an incremental backup) 3 times. Surely once is enough, to
decrypt my private key? (Using the same Key ID to encrypt and sign my
backup.)
- [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, Chris Poole, 2011/07/13
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, Martin Pool, 2011/07/13
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, edgar . soldin, 2011/07/14
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?,
Chris Poole <=
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, edgar . soldin, 2011/07/14
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, Kenneth Loafman, 2011/07/14
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, edgar . soldin, 2011/07/14
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, Kenneth Loafman, 2011/07/14
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, edgar . soldin, 2011/07/14
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, Chris Poole, 2011/07/14
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, Chris Poole, 2011/07/14
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, edgar . soldin, 2011/07/14
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, Chris Poole, 2011/07/18
- Re: [Duplicity-talk] Manifest stores SHA1 hash of files, checked before restore?, edgar . soldin, 2011/07/18