Berimor66 / duplicati

Automatically exported from code.google.com/p/duplicati

Asymmetric key encryption #421

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Hi.

Could you please add an asymmetric encryption option? I know that the private key 
would be needed for incremental backups - but for doing only full backups it 
is a *very* nice option for people using GPG keys. I would just encrypt data to 
my own key. Incremental backups could also be performed when started by the 
user - he would just need to input the passphrase for the key.

From what I have read duplicity has this option included.

PS. Thanks for making this great software!

Original issue reported on code.google.com by 00strea...@gmail.com on 28 May 2011 at 5:46

GoogleCodeExporter commented 9 years ago
Hi, could you post a commandline example of using an asymmetric key? I find the 
GPG examples to be really poor.

Original comment by kenneth@hexad.dk on 31 May 2011 at 12:16

GoogleCodeExporter commented 9 years ago
@Kenneth:

gpg -r <emailaddress>
gpg -r 0x0KEYID0

Those will work.

An asymmetric key is one stored in the key store of GnuPG. This is also what's 
used to encrypt emails and sign emails.

Let me know if further details are required.

What's not needed for asymmetric keys is that you ask for the passphrase. Well, 
this isn't strictly true, but it is for most cases (i.e. when only encrypting 
and not signing). Most people will prefer to use the standard agent that comes 
with GnuPG (e.g. in Gpg4Win) which doesn't require supplying a passphrase on 
some file descriptor for the signing use case. For pure encryption you do not 
need any passphrase whatsoever. However, if the user decided also to *sign* the 
data, it'd be required.

To make a long story short, here's what I am using on the command line to get 
this to work in existing versions of Duplicati. But of course I would also 
appreciate having this inside the GUI.

Duplicati.CommandLine.exe backup --encryption-module=gpg --passphrase=foobar 
--gpg-encryption=true --gpg-encryption-switches="-r name@domain.tld" 
--full-if-older-than=2W ...

The passphrase isn't used anywhere during encryption, because the "-r" option 
to GnuPG allows us to encrypt against the specified public key and we didn't 
ask to sign as well.

You can contact me on windirstat.info ... I rarely check my gmail address ;)

PS: one last note: you can read up on keys on Wikipedia, because I expect you 
may be surprised that there is no passphrase required during encryption.

Original comment by windirstat on 2 Feb 2014 at 11:52
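
The behaviour described in this thread, as an added example that is not part of the original comments or of Duplicati: a shell function that encrypts to a public key with `-r` without supplying any passphrase, then shows that only the keyring holding the secret key can decrypt. The user ID, passphrase, file names and the two throwaway keyrings are constructed, and GnuPG 2.1 or later is assumed to be installed.

```shell
# Added example with constructed throwaway keys; nothing touches ~/.gnupg.
# Returns 0 if every step behaves as described, 1 otherwise, 2 if gpg is missing.
gpg_asym_demo() {
    command -v gpg >/dev/null 2>&1 || { echo "gpg not installed" >&2; return 2; }
    work=$(mktemp -d) || return 1
    owner="$work/owner"     # restore side: holds the secret key
    backup="$work/backup"   # backup side: holds the public key only
    mkdir -m 700 "$owner" "$backup"
    uid="backup-demo@example.invalid"   # constructed identity
    pass="constructed-passphrase"       # protects the secret key only
    printf 'constructed backup volume\n' > "$work/vol.txt"
    rc=0

    # 1. The owner creates a passphrase-protected key pair and exports the public half.
    gpg --homedir "$owner" --batch --quiet --pinentry-mode loopback \
        --passphrase "$pass" --quick-generate-key "$uid" 2>/dev/null || rc=1
    gpg --homedir "$owner" --batch --armor --export "$uid" > "$work/pub.asc" || rc=1

    # 2. The backup machine imports only the public key.
    gpg --homedir "$backup" --batch --quiet --import "$work/pub.asc" 2>/dev/null || rc=1

    # 3. Encrypt with -r and no passphrase at all. "--trust-model always" is
    #    needed here only because the imported key has no trust assigned in
    #    this fresh keyring; a user's own key pair is already trusted.
    gpg --homedir "$backup" --batch --quiet --trust-model always \
        -r "$uid" -o "$work/vol.gpg" -e "$work/vol.txt" 2>/dev/null || rc=1

    # 4. The backup side must NOT be able to read the volume back (no secret key).
    if gpg --homedir "$backup" --batch --quiet -d "$work/vol.gpg" >/dev/null 2>&1; then
        rc=1
    fi

    # 5. The owner decrypts with the secret key, unlocked by its passphrase.
    gpg --homedir "$owner" --batch --quiet --pinentry-mode loopback \
        --passphrase "$pass" -o "$work/out.txt" -d "$work/vol.gpg" 2>/dev/null || rc=1
    cmp -s "$work/vol.txt" "$work/out.txt" || rc=1

    # Stop the agents started for the temporary keyrings, then clean up.
    gpgconf --homedir "$owner" --kill gpg-agent 2>/dev/null || true
    gpgconf --homedir "$backup" --kill gpg-agent 2>/dev/null || true
    rm -rf "$work"
    return "$rc"
}
```

Call `gpg_asym_demo` after sourcing the block. Step 4 is the practical consequence for backups: a machine that holds only the public key can write new volumes but cannot read earlier ones.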