mainboarder / Froxlorbackup

Backup your Froxlor Webhosting to another server. Encrypted, via ssh.

random passphrase doesn't work #3

Closed telepath closed 5 months ago

telepath commented 3 years ago

https://github.com/mainboarder/Froxlorbackup/blob/3128ae3e21d4398441cd19fe16ea416f1232519c/backup-server.sh#L54

How is the random passphrase supposed to work? If I understand the concept (and the errors I see) correctly, duplicity needs to know all past passphrases to work, but they are not known at runtime.

Everything after the first backup run fails:

GPGError: GPG Failed, see log below:
===== Begin GnuPG log =====
gpg: AES verschlüsselte Daten
gpg: Verschlüsselt mit einer Passphrase
gpg: Entschlüsselung fehlgeschlagen: Falscher Schlüssel
===== End GnuPG log =====

mainboarder commented 3 years ago

Hi telepath,

You are right. Above line 61 everything works as variables for the script. So it is best to use the command /usr/bin/openssl rand -base64 21 to generate a secure passphrase and replace the return value with $(/usr/bin/openssl rand -base64 21)

Do you have a suggestion how to make it more clear?

telepath commented 3 years ago

I think the main question is how the password should be stored. The script already requires some editing to set the parameters, so having the password in there might be ok. Another option would be to save the password in a file, like ~/.backup-server or similar. This could automatically be created by the script if it does not exist, though the user must still be aware to save the password somewhere else.

I think making it fool-proof would require creating an actual application with installation, configuration and parameters. That would be overkill. I like the file idea, but the quickest solution might be to have the passphrase set in the script and add a helpful error message when it's missing.
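
Added example (not part of the thread and not the project's code): one way to implement the passphrase-file idea discussed above, generating the passphrase once and reusing it on every later run so duplicity can decrypt the existing backup chain. The names PASSFILE, OPENSSL and load_passphrase are assumptions, and ~/.backup-server is the path floated in the comment above.

```shell
#!/bin/sh
# Added example, not the project's code. PASSFILE, OPENSSL and
# load_passphrase are assumed names for illustration.
PASSFILE="${PASSFILE:-$HOME/.backup-server}"
OPENSSL="${OPENSSL:-/usr/bin/openssl}"

load_passphrase() {
    lp_file="$1"
    if [ ! -e "$lp_file" ]; then
        # First run only: generate the passphrase once, readable by the owner only.
        if ! ( umask 077; "$OPENSSL" rand -base64 21 > "$lp_file" ); then
            rm -f "$lp_file"
            echo "ERROR: could not generate a passphrase in $lp_file" >&2
            return 1
        fi
        echo "NOTICE: new passphrase stored in $lp_file." >&2
        echo "Keep a copy off this server; backups cannot be restored without it." >&2
    fi
    # Refuse a file that group or others can access (mode characters 5-10 of ls -l).
    if [ "$(ls -ld "$lp_file" | cut -c5-10)" != "------" ]; then
        echo "ERROR: $lp_file must be mode 600 (chmod 600 $lp_file)" >&2
        return 1
    fi
    # An empty file means the passphrase was lost; do not silently make a new one.
    if [ ! -s "$lp_file" ]; then
        echo "ERROR: $lp_file is empty; restore the original passphrase," >&2
        echo "a new one cannot decrypt the existing backup chain." >&2
        return 1
    fi
    # duplicity reads the symmetric GnuPG passphrase from $PASSPHRASE.
    PASSPHRASE=$(cat "$lp_file")
    export PASSPHRASE
}

# Usage in the backup script, before any duplicity call:
#   load_passphrase "$PASSFILE" || exit 1
```
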

mainboarder commented 5 months ago

https://git.mainboarder.de/Public/Froxlorbackup/commit/c5f72997f876f3f8c20b12a43d02c278fc1c113b