Re: [Duplicity-talk] Encrypted backups without secret key


From: edgar . soldin
Subject: Re: [Duplicity-talk] Encrypted backups without secret key
Date: Thu, 11 Oct 2018 10:28:29 +0200
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

On 11.10.2018 10:12, Mathias Rav via Duplicity-talk wrote:
> I've just started using duplicity 0.7.18.1 to backup my webserver.
> I've generated a server key on my webserver and a backup key on another
> host. The webserver encrypts the backups to the backup key and signs
> them with the server key. This seems to work, and on the host that has
> the secret backup key, I can restore the backup with duplicity.
> 
> However, during incremental backup I get an error because the secret
> backup key is not available on the webserver. Is this way of using
> duplicity unsupported? Should I be worried? I would prefer not having
> the secret key on the webserver in the event of a compromise.
> 
> Below I've included the duplicity output when backing up my database.
> FWIW I'm running Ubuntu 16.04 and backing up to B2. duplicity 0.7.18.1
> was installed with pip install --user.
> 

tl;dr

use the double key approach. create a key pair (without passphrase) for this 
machine only and encrypt against this and your personal public key (give 
multiple '--encrypt-key key-id', see man page).

reason

duplicity needs to decrypt during synchronization/verify. that can only be done 
with a matching private key. previously it was possible to run w/o a private 
key but that is error prone
  https://bugs.launchpad.net/duplicity/+bug/687295
.

regards ..ede/duply.net
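
Added example (not part of the original message and not duplicity's own code): a preflight check for the double-key setup described in the reply above. It confirms that the machine key's secret part is in the local keyring and that the personal key's secret part is not, then builds the `--encrypt-key` options. The key IDs and the keyring listing are constructed placeholders, the function names are hypothetical, and signing is left out.

```shell
#!/bin/sh
# Added example, not from the thread: preflight for the double-key setup.
# All key IDs below are constructed placeholders (use long 16-hex key IDs).

MACHINE_KEY="${MACHINE_KEY:-AAAAAAAAAAAAAAAA}"    # passphrase-less key made for this host only
PERSONAL_KEY="${PERSONAL_KEY:-BBBBBBBBBBBBBBBB}"  # public part only; secret part stays off-host

# Constructed sample of `gpg --list-secret-keys --with-colons` output
# (field 1 = record type, field 5 = long key ID).
SAMPLE_KEYRING='sec:u:4096:1:AAAAAAAAAAAAAAAA:1539245309:::u:::scESC:
uid:u::::1539245309::0000::webserver backup (constructed)::::::::::0:
ssb:u:4096:1:CCCCCCCCCCCCCCCC:1539245309::::::e:'

# Read a colon-format listing on stdin, print long IDs of secret keys and subkeys.
secret_key_ids() {
    awk -F: '$1 == "sec" || $1 == "ssb" { print $5 }'
}

# preflight SECRET_IDS MACHINE_KEY PERSONAL_KEY...
# Prints the --encrypt-key options on success.
# Returns 1 if the machine secret key is absent (duplicity could not decrypt
# during synchronization), 2 if a personal secret key is present on this host.
preflight() {
    pf_secrets=$1; pf_opts="--encrypt-key $2"
    printf '%s\n' "$pf_secrets" | grep -qixF "$2" || {
        echo "no secret key for $2 in local keyring" >&2; return 1; }
    shift 2
    for pf_key in "$@"; do
        if printf '%s\n' "$pf_secrets" | grep -qixF "$pf_key"; then
            echo "secret key for $pf_key must not be on this host" >&2; return 2
        fi
        pf_opts="$pf_opts --encrypt-key $pf_key"
    done
    echo "$pf_opts"
}

# Real run only when asked: ./backup.sh --run SOURCE_DIR TARGET_URL
if [ "${1:-}" = "--run" ]; then
    ids=$(gpg --batch --list-secret-keys --with-colons | secret_key_ids)
    opts=$(preflight "$ids" "$MACHINE_KEY" "$PERSONAL_KEY") || exit $?
    # $opts is intentionally unquoted so it splits into separate arguments.
    exec duplicity $opts "$2" "$3"
fi
```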





