Otdfbt

Multi tool use

Is this food a bread or a loaf?

How would photo IDs work for shapeshifters?

Can I legally use front facing blue light in the UK?

Why airport relocation isn't done gradually?

Is domain driven design an anti-SQL pattern?

Eliminate empty elements from a list with a specific pattern

I’m planning on buying a laser printer but concerned about the life cycle of toner in the machine

What do the Banks children have against barley water?

Travelling to Edinburgh from India

I see my dog run

Are white and non-white police officers equally likely to kill black suspects?

Is there a familial term for apples and pears?

Why is making salt water prohibited on Shabbat?

Symmetry in quantum mechanics

How is it possible for user's password to be changed after storage was encrypted? (on OS X, Android)

Finding files for which a command fails

Copycat chess is back

Where to refill my bottle in India?

Einstein metrics on spheres

How to create a consistent feel for character names in a fantasy setting?

How to deal with fear of taking dependencies

Is Fable (1996) connected in any way to the Fable franchise from Lionhead Studios?

How can I fix this gap between bookcases I made?

extract characters between two commas?

Where does duplicity store the key that it creates?

How can I use Duplicity with a symmetric key?How can I use Duplicity with a symmetric key?Duplicity restore reports “Invalid SSH password” when I'm using a private key for connectionHow does Duplicity check for modifications (mtime or checksum)?How can I speed up my Duplicity backup?Bad signatures or NOKEY errors on RPMs I just signedrestore backup files in another server using duplicityWhy does duplicity need a passphrase for OpenPGP encryption?How to restore a Duplicity backup to a new host?Where is the networker public key?Back up using Duplicity through SCP with key-based authentication

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;

1

I started a backup via duplicity without giving it any options. I haven't created any GPG keys myself, so when I ran duplicity, it asked me for a passphrase, then created a key, and successfully backed-up (to BackBlaze B2) with encryption and compression.

Good, but I don't know where the key is stored. Thus if my drive dies then I won't be able to restore the backup. gpg -k gives no output. Where's the key hiding?

gpg duplicity

share|improve this question

asked Apr 4 at 22:27

0xnick1chandoke0xnick1chandoke

82

New contributor

0xnick1chandoke is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

1

I started a backup via duplicity without giving it any options. I haven't created any GPG keys myself, so when I ran duplicity, it asked me for a passphrase, then created a key, and successfully backed-up (to BackBlaze B2) with encryption and compression.

Good, but I don't know where the key is stored. Thus if my drive dies then I won't be able to restore the backup. gpg -k gives no output. Where's the key hiding?

gpg duplicity

share|improve this question

asked Apr 4 at 22:27

0xnick1chandoke0xnick1chandoke

82

New contributor

0xnick1chandoke is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

I started a backup via duplicity without giving it any options. I haven't created any GPG keys myself, so when I ran duplicity, it asked me for a passphrase, then created a key, and successfully backed-up (to BackBlaze B2) with encryption and compression.

Good, but I don't know where the key is stored. Thus if my drive dies then I won't be able to restore the backup. gpg -k gives no output. Where's the key hiding?

gpg duplicity

share|improve this question

asked Apr 4 at 22:27

0xnick1chandoke0xnick1chandoke

82

New contributor

0xnick1chandoke is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

asked Apr 4 at 22:27

0xnick1chandoke0xnick1chandoke

82

New contributor

0xnick1chandoke is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

asked Apr 4 at 22:27

0xnick1chandoke0xnick1chandoke

82

New contributor

0xnick1chandoke is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked Apr 4 at 22:27

0xnick1chandoke0xnick1chandoke

82

New contributor

0xnick1chandoke is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked Apr 4 at 22:27

0xnick1chandoke0xnick1chandoke

82

1 Answer
1

active

oldest

votes

0

If your (secret) key does exist then it is in the secret keyring of the user used to create the key. That user's keyrings are in a directory named '.gnupg' which is in that user's home directory.

So the secret key would be here for the user that created it:

~/.gnupg/secring.gpg

However, based on what you wrote, chances are duplicity just used a symmetric key which only consists of the passphrase you entered.

Reference : https://linux.die.net/man/1/gpg

share|improve this answer

edited Apr 5 at 9:42

answered Apr 5 at 8:31

Jack.LJack.L

184

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Haha! I was thinking that GPG was symmetric. (I'm really unfamiliar with crypto ^^;) OK, so in other words, duplicity probably encrypted via a deterministic cipher whose sole argument/secret was the passphrase that I gave, and it doesn't use keys nor entropy at all?
  
  – 0xnick1chandoke
  Apr 5 at 19:44
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Forgot to mention: my ~/.gnupg directory does not contain a secring.gpg file.
  
  – 0xnick1chandoke
  Apr 5 at 19:51
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  This may shed some light concerning using Duplicity with a symmetric key: serverfault.com/questions/173767/…
  
  – Jack.L
  2 days ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  thanks. That article confirms my hypothesis: "[if you're not using --encrypt-key, then] you're using symmetric encryption and the secret key consists of your passphrase exclusively."
  
  – 0xnick1chandoke
  2 days ago
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

0xnick1chandoke is a new contributor. Be nice, and check out our Code of Conduct.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f961598%2fwhere-does-duplicity-store-the-key-that-it-creates%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

0

If your (secret) key does exist then it is in the secret keyring of the user used to create the key. That user's keyrings are in a directory named '.gnupg' which is in that user's home directory.

So the secret key would be here for the user that created it:

~/.gnupg/secring.gpg

However, based on what you wrote, chances are duplicity just used a symmetric key which only consists of the passphrase you entered.

Reference : https://linux.die.net/man/1/gpg

share|improve this answer

edited Apr 5 at 9:42

answered Apr 5 at 8:31

Jack.LJack.L

184

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Haha! I was thinking that GPG was symmetric. (I'm really unfamiliar with crypto ^^;) OK, so in other words, duplicity probably encrypted via a deterministic cipher whose sole argument/secret was the passphrase that I gave, and it doesn't use keys nor entropy at all?
  
  – 0xnick1chandoke
  Apr 5 at 19:44
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Forgot to mention: my ~/.gnupg directory does not contain a secring.gpg file.
  
  – 0xnick1chandoke
  Apr 5 at 19:51
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  This may shed some light concerning using Duplicity with a symmetric key: serverfault.com/questions/173767/…
  
  – Jack.L
  2 days ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  thanks. That article confirms my hypothesis: "[if you're not using --encrypt-key, then] you're using symmetric encryption and the secret key consists of your passphrase exclusively."
  
  – 0xnick1chandoke
  2 days ago
  

  
  
  
  

add a comment | 

0

If your (secret) key does exist then it is in the secret keyring of the user used to create the key. That user's keyrings are in a directory named '.gnupg' which is in that user's home directory.

So the secret key would be here for the user that created it:

~/.gnupg/secring.gpg

However, based on what you wrote, chances are duplicity just used a symmetric key which only consists of the passphrase you entered.

Reference : https://linux.die.net/man/1/gpg

share|improve this answer

edited Apr 5 at 9:42

answered Apr 5 at 8:31

Jack.LJack.L

184

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Haha! I was thinking that GPG was symmetric. (I'm really unfamiliar with crypto ^^;) OK, so in other words, duplicity probably encrypted via a deterministic cipher whose sole argument/secret was the passphrase that I gave, and it doesn't use keys nor entropy at all?
  
  – 0xnick1chandoke
  Apr 5 at 19:44
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Forgot to mention: my ~/.gnupg directory does not contain a secring.gpg file.
  
  – 0xnick1chandoke
  Apr 5 at 19:51
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  This may shed some light concerning using Duplicity with a symmetric key: serverfault.com/questions/173767/…
  
  – Jack.L
  2 days ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  thanks. That article confirms my hypothesis: "[if you're not using --encrypt-key, then] you're using symmetric encryption and the secret key consists of your passphrase exclusively."
  
  – 0xnick1chandoke
  2 days ago
  

  
  
  
  

add a comment | 

If your (secret) key does exist then it is in the secret keyring of the user used to create the key. That user's keyrings are in a directory named '.gnupg' which is in that user's home directory.

So the secret key would be here for the user that created it:

~/.gnupg/secring.gpg

However, based on what you wrote, chances are duplicity just used a symmetric key which only consists of the passphrase you entered.

Reference : https://linux.die.net/man/1/gpg

share|improve this answer

edited Apr 5 at 9:42

answered Apr 5 at 8:31

Jack.LJack.L

184

~/.gnupg/secring.gpg

share|improve this answer

edited Apr 5 at 9:42

answered Apr 5 at 8:31

Jack.LJack.L

184

answered Apr 5 at 8:31

Jack.LJack.L

184

answered Apr 5 at 8:31

Jack.LJack.L

184