Déjà Dup

Bug #1592124
Comment #2

Comment 2 for bug 1592124

Revision history for this message

jonnybeamer (jonnybeamer) wrote on 2017-08-22: Re: [Bug 1592124] Re: Deja Dup encrypted backup restore: password not accepted

Hello back,

Thanks for the info. Of course like you said I ran into snags just
before this bug was fixed, so the damage is already done. But I was able
to get everything I needed out of it, I think by opening each file
manually. (it's been a long time now since I did this) My guess is
that unencrypting manually did not have the whole password chain hangup
that DejaDup was having, and so my original guess of what the password
was then worked, and I could then unlock and manually extract everything.

I appreciate the response,

Jonathan

On 08/22/2017 09:34 AM, Michael Terry wrote:
> *** This bug is a duplicate of bug 918489 ***
> https://bugs.launchpad.net/bugs/918489
>
> After some testing, I think I know what could cause this bug. There was
> a bug in deja-dup/duplicity that allowed for an accidental change in
> password when making the occasional full backup checkpoint (bug 918489,
> fixed in deja-dup 34.3).
>
> Here's how this would be reproduced, using deja-dup <= 34.2:
> - Create a new backup with password 'a'
> - Keep backing up until deja-dup decides to make a new backup. Then either have a different password saved in gnome-keyring or enter a different password when it prompts. Say, 'b'
> - Now you have two backup chains with different passwords, but deja-dup will keep adding new backups.
> - Until either your cache gets blown away or deja-dup decides to do its every-two-months backup-validation check. (Or heaven forbid, your hard drive gets blown away and you need to restore as in your case.)
> - When either happens, duplicity will try to download the encrypted manifest files for all the backups and deja-dup will prompt you for the decryption password.
> - If you enter 'a', it will choke on your second backup and show the password prompt again. If you enter 'b' it will choke on the first. Thus you get eternal backup prompts.
>
> The only way to recover is to blow away older backups (or the whole
> thing) and start over. If you were trying to restore, your files can
> still be manually recovered using duplicity or gpg, as you saw.
>
> Anyway. That's my research into what this bug was likely about. I'll
> mark it as a dup of bug 918489 (which was fixed right after you ran into
> this, sorry!).
>
> ** This bug has been marked a duplicate of bug 918489
> duplicity allows bad passphrase on full backup if archive cache exists
>

Hello back,

Thanks for the info.  Of course like you said I ran into snags just 
before this bug was fixed, so the damage is already done. But I was able 
to get everything I needed out of it, I think by opening each file 
manually.  (it's been a long time now since I did this)  My guess is 
that unencrypting manually did not have the whole password chain hangup 
that DejaDup was having, and so my original guess of what the password 
was then worked, and I could then unlock and manually extract everything.

I appreciate the response,

Jonathan

On 08/22/2017 09:34 AM, Michael Terry wrote:
> *** This bug is a duplicate of bug 918489 ***
>      https://bugs.launchpad.net/bugs/918489
>
> After some testing, I think I know what could cause this bug. There was
> a bug in deja-dup/duplicity that allowed for an accidental change in
> password when making the occasional full backup checkpoint (bug 918489,
> fixed in deja-dup 34.3).
>
> Here's how this would be reproduced, using deja-dup <= 34.2:
> - Create a new backup with password 'a'
> - Keep backing up until deja-dup decides to make a new backup. Then either have a different password saved in gnome-keyring or enter a different password when it prompts. Say, 'b'
> - Now you have two backup chains with different passwords, but deja-dup will keep adding new backups.
> - Until either your cache gets blown away or deja-dup decides to do its every-two-months backup-validation check. (Or heaven forbid, your hard drive gets blown away and you need to restore as in your case.)
> - When either happens, duplicity will try to download the encrypted manifest files for all the backups and deja-dup will prompt you for the decryption password.
> - If you enter 'a', it will choke on your second backup and show the password prompt again. If you enter 'b' it will choke on the first. Thus you get eternal backup prompts.
>
> The only way to recover is to blow away older backups (or the whole
> thing) and start over. If you were trying to restore, your files can
> still be manually recovered using duplicity or gpg, as you saw.
>
> Anyway. That's my research into what this bug was likely about. I'll
> mark it as a dup of bug 918489 (which was fixed right after you ran into
> this, sorry!).
>
> ** This bug has been marked a duplicate of bug 918489
>     duplicity allows bad passphrase on full backup if archive cache exists
>