RSA without repository password?


is it possible / wise to “work” without a repository password?

I did init a repository (and storage) with RSA and entered an empty repository password.

duplicacy_3.2.3 init -e -key public.pem foo /pool/duplicacy/

When prompted for password, I just hit the enter key twice

duplicacy_3.2.3 backup

did not print “RSA encryption is enabled” and in deed the chunks are not encrypted.

But as far as init was done with “-e -key public.pem” and .duplicacy/preferences states ““encrypted”: true”

the user could believe it is encrypted (I did when testing if i can leave the repository password blank). This should not be possible or am I wrong?. The creation of such a storage should be prevented, shouldn’t it?



My opinion is having that choose is good.

It’s up to the user to decide how important it is to them id their data is encrypted or not. I do the same thing with my backups, not encrypt it that is.

How did you verify that data in the chunks is not encrypted?

ACK that user should not be forced to encrypt, but this was not my point. My point was User wants to and thinks he encrypts (see the init prompt) but indeed it is not.encrypted.

It was restoreable without offering or asking for the private keyfile :slight_smile:
(reproducable). I thinks it is a bug…(?)

Thanks lopiuh

1 Like

That doesn’t mean it wasn’t encrypted. It just means it didn’t ask for a password.

I believe that is why @saspus asked how you verified it wasn’t encrypted


ah yes (we are talking about CLI-Version)
1.backup-call does not display ““RSA encryption is enabled”, what it does, when it is encrypted.
2.I did not gave and it did not aks for private key, what it does, when it is encrypted.
3.I have not saved the pgp private keyfile password in any entity, which is able to give it to any program.

You can simply reproduce the setup. Call init with -e and public key and press enter for storage password, voila.




can someone confirm / contradict the described behaviour?

Yours lopiuh

Looks like a bug to me. Conflating “empty password” and “no password”.

I want to contribute. How is tagging done for the buglist?

Yours lopiuh