New storage encrypted with RSA, but it looks like it's only with normal encryption

Support
#1

I think I’m doing something wrong…

I created a new storage encrypted with RSA and transferred the contents of the old storage (also encrypted) to it.

I created the new storage with duplicacy add and then ran the copy.
(unfortunately I don’t have the storage creation log, I used command line)

But the info -d only tells me that “The storage is encrypted with a password” for the new storage.

Is there any other way to check if the new storage is using RSA?

(duplicacy 2.7.2)

#2

check shall print something about rsa in a first few lines of log.

#3

That was the first sign of problem, a check command that didn’t show anything about RSA… :slightly_frowning_face:

I’m redoing the procedure with a second pair of storages, to see if I missed something basic.

#4

The most definitive test would be of course to try to restore and seeing it ask for private key.

#5

The attempt with the other pair of storages had the same result…

To isolate the effect of the add and copy sequence of commands, I decided to init a new storage, from scratch, empty, and:

root@trf-user:~# duplicacy init -encrypt -key ~/bkpdef-public.pem [repository-id]  wasabi://us-central-1@s3.us-central-1.wasabisys.com/[bucket]
Enter Wasabi key:****
Enter Wasabi secret:****
Enter storage password for wasabi://us-central-1@s3.us-central-1.wasabisys.com/[bucket]:****
Re-enter storage password:****
/root will be backed up to wasabi://us-central-1@s3.us-central-1.wasabisys.com/[bucket] with id [repository-id]

root@trf-user:~# duplicacy -d info wasabi://us-central-1@s3.us-central-1.wasabisys.com/[bucket]
Enter Wasabi key:****
Enter Wasabi secret:****
The storage is encrypted with a password

I really think I’m missing something very obvious… :thinking:

#6

Well, after some more tests, I found that the problem is very simple: the info command is not informing about the use of RSA in the storages… the check command is informing correctly.

I tested it with the two storages I had initially created and with the new storage created for testing.

Although it is not documented, the info command is mentioned in documentation as a way to check if RSA encryption is enabled:

And, IIRC, I have used the info command in the past and the output was correct.

@gchen , maybe something related to the info command has broken in the last few versions?

#7

Try to add the -e option:

duplicacy -d info -e wasabi://us-central-1@s3.us-central-1.wasabisys.com/[bucket]

The info command is repository-less – it don’t know where to find the storage password so it can’t decrypt the config file. With -e you can then enter the storage password and it will print out the RSA public key.

#8

Ok, with the -e option it worked, it showed the information about RSA.

Two points:

  1. I updated the documentation about the RSA feature:
  1. Will info remain as an undocumented command? Or will it be official and documented?