Open TheBigBear opened 8 years ago
It appears the problem is that you've been using multiple git-crypt keys with the same repository. I see from the output of git-crypt status
that you're using GPG mode, so you should not need to pass a symmetric key to git-crypt unlock
. What happens if you just run git-crypt unlock
with no arguments?
To avoid issues like this in the future, you should never run git-crypt init
more than once, unless it's in a completely new, completely unrelated repository (i.e. not a clone of an already-existing repository). After cloning an encrypted repository, run either git-crypt unlock
with no arguments (if you're using GPG mode), or git-crypt unlock /path/to/keyfile
(if you're not using GPG mode) (where /path/to/keyfile
was exported from the original repository using git-crypt export-key
).
I highly recommend you just use GPG mode, so you don't need to think about git-crypt keys at all.
Also, is this a distinct issue from #62?
@AGWA thanks. Yes, it prompted me for my gpg passphrase and things were OK again.
Sorry for not using the tool correctly.
Can I clean this inconsistency of different keys for different files up by using git filter-branch
? Or any other way?
Would it be very hard to prevent git-crypt init
to be run a second time? Could it warn and require a "-f"
to force it to create a new git-crypt
symmetric key? Sorry, if this is a 'stupid' question.
Or can I add more than one git-crypt symmetric keys to my repo, and in my case now somehow find the second key and re-encrypt all the files using this second key as well?
Thanks for your advice, and I really appreciate it, but in my use case I was really planning, and kind of counting, on being able to use 'shared' symmetric keys for my git-crypt
-ed repos.
This is a really good idea:
"Would it be very hard to prevent git-crypt init to be run a second time? Could it warn and require a "-f" to force it to create a new git-crypt symmetric key"
how do we clean up if someone accidentally ran git-crypt init
when it was already setup? I'm using a key file to unlock.
how do we clean up if someone accidentally ran
git-crypt init
when it was already setup? I'm using a key file to unlock.
rm -rf .git/git-crypt
I have checked out my branch and tried to decrypt it's data, but got the error mesage:
Here is the steps that led up to it.
Then I thought this woudl be the right thing to do, but maybe it wasn't?
And now I suddenly have 6 changed files. (and if I peek into them they all have '^@GITCRYPT^@' at the start of the file.)
How do I recover from this?