4

I've tried a number of obvious commands as detailed in Duplicity Man page to do this but it doesn't seem to work.

Scenario

I'm SSH'ing to a machine, then running Duplicity; below is the command, of sorts:-

ssh -i /keys/key.pem -o StrictHostKeyChecking=no user@ipAddress "sudo duplicity --s3-european-buckets --s3-use-new-style /local/dir/stuff s3+http://bucket/dir/"

Problem is, it's always asking for a passphrase, and I want to run this as an automated process without CLi user replies. The man page's only precise reference is to the environment variable PASSPHRASE, but makes little mention (with encrypt-key or sign-key which seem different) how this can be set.

NOTE: It's asking for GnuPG passphrase

Eborbob
  • 213
  • 3
  • 13
waxical
  • 344
  • 2
  • 5
  • 12
  • Which passphrase is it asking for? – womble Aug 06 '12 at 10:26
  • Added, it's asking for GnuPG – waxical Aug 06 '12 at 10:40
  • Why is it asking for a GnuPG passphrase? It should only need that to decrypt. – womble Aug 06 '12 at 10:42
  • 2
    @womble duplicity needs to decrypt previous backups in order to do incremental backups – ptman Aug 06 '12 at 10:45
  • @ptman: It didn't when I used to use it. If it does now, that's a pretty serious regression in, security, useability, *and* resource consumption. – womble Aug 06 '12 at 10:47
  • 2
    @ptman Duplicity doesn't need to decrypt previous backups to do incrementals - the reason it is asking for the passphrase is that GPG keys are used for two purposes 1) encryption 2) signatures, and it's the signatures that the passphrase is needed for in this situation. It's best practice to specify a separate key for the signatures with `--sign-key` - without it Duplicity will use the same key for signing and encrypting. – Eborbob Jun 27 '16 at 13:34
  • @Eborbob I stand corrected – ptman Jun 27 '16 at 14:46

2 Answers2

5

you can pass environment variables using env(1):

env PASSPHRASE=.... duplicity ...
ptman
  • 28,394
  • 2
  • 30
  • 45
-4

you are using sudo, so, you need to change options in /etc/sudoers file Google Here

GioMac
  • 4,544
  • 4
  • 27
  • 41