Where should the RSA keys (public and private key files) for storage encryption be stored? Is it a security issue storing it in the folder being backed up on Duplicacy? Probably a silly question but still confusing for a newbie like me! Thanks
The idea of public-private key encryption is that you keep the private key somewhere safe (like in a password manager), and only have the public key on the system that’s used to encrypt.
So don’t keep the two on the same system as the data, as it defeats the point.
The private key is used to decrypt data, so you won’t need it until you do a restore. The primary use case is protecting access to a storage, where other machines might also be backing up sensitive data there.
You can put the public key file anywhere you like but I’d recommend at the root of the .duplicacy-web directory if you’re using the Web UI.
Thanks for the thorough reply. I’ll do as suggested. Is there a way to test that I can decrypt the data? Do I just have to restore the data or is there some kind of test function to make sure my password works?
There’s no test function, and check won’t actually read data I don’t think.
IMO the ultimate test would be to set up Duplicacy from scratch (say in a VM or other PC), and go through the entire process to be sure, but you could also just run a test restore on a few files, with the private key.
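Short of the test restore recommended above, a practitioner can at least confirm that the private key kept in the password manager opens with the remembered passphrase, matches the public key deployed on the backup machine, and actually round-trips a message. This is an added example, not code from the thread or from the Duplicacy project; it assumes the openssl CLI, and the file names and passphrase are constructed here.

```shell
#!/bin/sh
# Added example, not code from the thread or from the Duplicacy project.
# Assumes the openssl CLI; file names and the passphrase are constructed here.

# Generate a passphrase-protected RSA private key and the matching public key.
# The public key is what gets deployed on the backup machine; the private key
# goes to a password manager (or similar) and is only needed for restores.
make_keypair() {
  dir=$1; pass=$2
  openssl genrsa -aes256 -passout "pass:$pass" -out "$dir/private.pem" 2048 2>/dev/null &&
    openssl rsa -in "$dir/private.pem" -passin "pass:$pass" -pubout \
      -out "$dir/public.pem" 2>/dev/null
}

# Confirm the private key you kept opens with the passphrase you remember and
# matches the deployed public key (same RSA modulus).
# Returns 0 on success, 1 if the passphrase is wrong, 2 if the keys do not match.
verify_keypair() {
  priv=$1; pub=$2; pass=$3
  priv_mod=$(openssl rsa -in "$priv" -passin "pass:$pass" -noout -modulus 2>/dev/null) || return 1
  pub_mod=$(openssl rsa -pubin -in "$pub" -noout -modulus 2>/dev/null) || return 2
  [ "$priv_mod" = "$pub_mod" ] || return 2
}

# Encrypt a small constructed message with the public key and decrypt it with
# the private key: a cheap check that the pair really round-trips, short of a
# real test restore. Returns 0 when the decrypted bytes equal the original.
roundtrip() {
  priv=$1; pub=$2; pass=$3; work=$4
  printf 'constructed test message\n' > "$work/msg"
  openssl pkeyutl -encrypt -pubin -inkey "$pub" -in "$work/msg" -out "$work/msg.enc" 2>/dev/null || return 1
  openssl pkeyutl -decrypt -inkey "$priv" -passin "pass:$pass" -in "$work/msg.enc" -out "$work/msg.dec" 2>/dev/null || return 1
  cmp -s "$work/msg" "$work/msg.dec"
}

# Usage from a shell:  . ./keycheck.sh
#   d=$(mktemp -d); make_keypair "$d" "$PASS"
#   verify_keypair "$d/private.pem" "$d/public.pem" "$PASS" \
#     && roundtrip "$d/private.pem" "$d/public.pem" "$PASS" "$d"
```

A passing round-trip shows the key material and passphrase are right; only a real restore shows the backup itself is intact.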