duplicity-talk
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] Serious problem with duplicity - secret key not ava

From: edgar . soldin
Subject: Re: [Duplicity-talk] Serious problem with duplicity - secret key not available
Date: Thu, 12 Aug 2021 14:00:24 +0200
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1 
errmm Luc,

how about giving the alternate gpg homedir for the keyring to the gpg run by 
duplicity too? like e.g. '--gpg-options="--keyring 
/opt/backup/keys/restore/secring.gpg"'

note that since a while you will need at least one secret key that is able to 
decrypt the backup as duplicity decrypts one piece of the last backup to make 
sure you didn't switch keys inbetween.

any reason why you keep two keys (backup,restore), when both are residing fully 
(secret,public) on the same machine?

..ede/duply.net

On 12.08.2021 13:47, Luca Bertoncello via Duplicity-talk wrote:
> Hi Edgar,
>
> no Problem!
> As you see, the keys are here:
>
> root@mail ~ # gpg --list-secret-keys --homedir /opt/backup/keys/backup/
> /opt/backup/keys/backup//secring.gpg
> ------------------------------------
> sec   2048R/5E0FF919 2021-07-19
> uid                  BACKUP <it@queo-group.com>
> ssb   2048R/B8D4D817 2021-07-19
>
> root@mail ~ # gpg --list-secret-keys --homedir /opt/backup/keys/restore/
> gpg: checking the trustdb
> gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
> gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
> /opt/backup/keys/restore//secring.gpg
> -------------------------------------
> sec   2048R/583232D4 2021-07-19
> uid                  RESTORE <it@queo-group.com>
> ssb   2048R/640278DF 2021-07-19
>
> Thanks
> Luca
>
> -----Ursprüngliche Nachricht-----
> Von: Duplicity-talk 
> <duplicity-talk-bounces+l.bertoncello=queo-group.com@nongnu.org> Im Auftrag 
> von edgar.soldin--- via Duplicity-talk
> Gesendet: Donnerstag, 12. August 2021 13:40
> An: Discussion of the backup program duplicity <duplicity-talk@nongnu.org>
> Cc: edgar.soldin@web.de
> Betreff: Re: [Duplicity-talk] Serious problem with duplicity - secret key not 
> available
>
> ok,
>
> let's continue on list for the archives. nothing new or specific in the log. 
> you are running the backup as root.
>
> please run a root shell and check that 'gpg --list-secret-keys' lists the 
> missing key. supposedly it's called "RESTORE <it@queo-group.com>". it seems 
> to be missing in the root keychain!
>
> ..ede/duply.net
>
> On 12.08.2021 13:00, Luca Bertoncello via Duplicity-talk wrote:
>> Hi Edgar,
>>
>> I downloaded and installed Duplicity 0.7.19.
>> Unfortunately I always get the same problem... ☹
>>
>> Any other idea?
>>
>> Thanks
>> Luca
>>
>> -----Ursprüngliche Nachricht-----
>> Von: Duplicity-talk
>> <duplicity-talk-bounces+l.bertoncello=queo-group.com@nongnu.org> Im
>> Auftrag von edgar.soldin--- via Duplicity-talk
>> Gesendet: Donnerstag, 12. August 2021 12:43
>> An: duplicity-talk@nongnu.org
>> Cc: edgar.soldin@web.de
>> Betreff: Re: [Duplicity-talk] Serious problem with duplicity - secret
>> key not available
>>
>> On 12.08.2021 12:00, Luca Bertoncello via Duplicity-talk wrote:
>>> Hi list!
>>>
>>> I'm using Duplicity on many servers since years and did not even have a 
>>> problem...
>>>
>>> Now I have to backup a server (very old... it runs Ubuntu 16.04 and I 
>>> cannot upgrade it now).
>>> So I installed duplicity 0.7.06 from Ubuntu-Repository (GPG is 1.4.20) and 
>>> started the backup.
>>>
>>> It works, but after some days it does not work anymore I every call to 
>>> duplicity fails with:
>>>
>>> GPGError: GPG Failed, see log below:
>>> ===== Begin GnuPG log =====
>>> gpg: encrypted with 2048-bit RSA key, ID xxxxxxx, created 2021-07-19
>>> "RESTORE <it@queo-group.com>"
>>> gpg: decryption failed: secret key not available ===== End GnuPG log
>>> =====
>>>
>>> The key files are on the disk and readable.
>>>
>>> Do someone have an idea what I can do?
>>>
>>> I already had the problem on the server and I "solved" it creating new keys 
>>> and deleting all old backups, but this is not a solution...
>>>
>>
>> hey Luca,
>>
>> duplicity 07.06 is very very old and not even the latest in the now 
>> unmaintained branch. please install either latest duplicity 0.8.20 or 0.7.19 
>> manually after removing the old version from your distribution.
>> http://duplicity.nongnu.org/ (section Download)
>>
>> there are ppa, snap and pip3 installations available. if that does not 
>> suffice or is impossible, there is a 'INSTALL MULTIPLE VERSIONS' mini-howto 
>> on https://duply.net/Documentation (never tried with 0.8.x though, the 
>> executable patching may need some modification there).
>>
>> please come back if the error persists with one of the above versions and 
>> we'll try to resolve it for good.
>>
>> good luck and healthy regards.. ede/duply.net
>>
>> _______________________________________________
>> Duplicity-talk mailing list
>> Duplicity-talk@nongnu.org
>> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
>> _______________________________________________
>> Duplicity-talk mailing list
>> Duplicity-talk@nongnu.org
>> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
>>
>
>
> _______________________________________________
> Duplicity-talk mailing list
> Duplicity-talk@nongnu.org
> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
> _______________________________________________
> Duplicity-talk mailing list
> Duplicity-talk@nongnu.org
> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]