Why does Duplicity allow a new symmetric passphrase on incremental backups?

kmccoy

8/15/23, 10:35 AM

I am new to Duplicity and trying to test it as a new backup tool. However, I have found that it permits incremental backups with new symmetric passphrases which then causes the backup to be unrecoverable. For instance, this is my test script:

#!/bin/bash

PASSPHRASE=one duplicity full /home/ken/scripts file:///home/ken/tmp/
read -p "Press [Enter] key to start incremental backup..."
PASSPHRASE=two duplicity incr /home/ken/scripts file:///home/ken/tmp/

duplicity verify file:///home/ken/tmp/ /home/ken/scripts

Trying to run the verify line causes this result:

Local and Remote metadata are synchronized, no sync needed.
Last full backup date: Fri Apr 15 18:15:41 2022
GnuPG passphrase for decryption: 
GPGError: GPG Failed, see log below:
===== Begin GnuPG log =====
gpg: AES256.CFB encrypted data
gpg: encrypted with 1 passphrase
gpg: decryption failed: Bad session key
===== End GnuPG log =====

I would have expected on the incremental backup for Duplicity to check the passphrase matched the passphrase of the original full backup.

Is this a bug or a feature?

How can I ensure my incremental backups are performed consistently with the previous backup so I don't corrupt my backup files?

0 + 0

duplicity

Score:1

Server

Eric

11/21/23, 7:00 PM

This problem affected me, and with real data.

I believe this is fixed in the most recent versions; see the gitlab posts linked to below.

But I note that, as of mid-November 2022, if I just install on Ubuntu 22.04 via apt install, it does not get the most recent version, so you may have to go elsewhere to get the most recent version.

https://gitlab.com/duplicity/duplicity/-/issues/147

+ 1

P.Péter

11/24/23, 9:01 AM

Hello @Eric, welcome to SF! This answer contains mostly useful information, but it could be improved: - Put a short answer to the question(s) first. - Try to extract and write relevant information from linked sites. - Try to keep anecdotes at the end.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Why does Duplicity allow a new symmetric passphrase on incremental backups?

TH: เหตุใด Duplicity จึงอนุญาตให้ใช้ข้อความรหัสผ่านแบบสมมาตรใหม่ในการสำรองข้อมูลส่วนเพิ่ม

RO: De ce Duplicity permite o nouă expresie de acces simetrică pentru copiile de rezervă incrementale?

RU: Почему Duplicity позволяет использовать новую симметричную парольную фразу для инкрементных резервных копий?

VI: Tại sao Bản sao cho phép cụm mật khẩu đối xứng mới trên các bản sao lưu gia tăng?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.