-
Notifications
You must be signed in to change notification settings - Fork 897
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Password mandatory for asymmetric GPG encryption in the web interface #3498
Comments
Confirmed. Actually a few things should be fixed, if possible:
From ticket #2270 I understand that you expect to use the public key to be used to encrypt, and your private, wherever it is, to decrypt. |
I re-tested it again and it works - albeit the logging can be improved. I forgot to set the trust level of my key to 5. Did you do that? |
Yes, I thought I did that in my command line tries... the user I started the web interface with should also have access to the gpg keyring which stores the trusted public key. |
Ok. Another guess: Try to get rid of your escaping backslash in the encryption switches at recipient: If I put it there, it also doesn't work. |
Preliminary commits that resolve issues I described above can be found in |
Environment info
Description
GPG only seems to work with a workaround on the command line. This workaround is artificially blocked in the web interface.
According to #2270 you can use GPG as encryption module at backup when you specify
--passphrase=unused
. The web interface artificially forbids you to not use a passphrase and requires you to set a passphrase in the General configuration of the backup (first page).Setting
--passphrase=unused
manually at Advanced Options doesn't change anything in the web interface. I guess it's overridden by the encryption passphrase from the first page.If you set the encryption passphrase from the first page to "unused", it accepts the command. But when you execute the backup, it backups zero files.
The backup logs say everything is fine though.
In short: GPG encryption is unusable in the web interface right now.
Steps to reproduce
--gpg-encryption-command=--encrypt
--gpg-encryption-switches=--recipient\ "mail@example.org"
Actual result:
It does not backup anything
Expected result:
When I set the passphrase to "unused", it backs everything up, and I can restore it later using only the GPG private key, but not the passphrase.
Screenshots
Debug log
The text was updated successfully, but these errors were encountered: