Okay, I figured it out. In order for duplicity to enter the passphrase for the ssh key (not for the gpg encryption-key), keychain must be installed and configured, and the key must be added using the ssh-add command.
I needed to install keychain, so I did, and then I added it to my .bash_profile like so:
keychain --clear id_rsa
. ~/.keychain/$HOSTNAME-sh
Now assuming my public key is stored along with my private key in the /root/.ssh directory, when I switch users to root I first get an error, but after that I run ssh-add, exit out of the account, and log back in as root again.
When I return to the root account, I am asked for the ssh private key's passphrase. Now duplicity appears to work... as far as connecting to the other server anyway... I no longer get the Invalid SSH Password message I was getting earlier.
Yes. The only things that matter for asymmetric encryption are the keys themselves. Alice encrypts something using Bob's public key, and only Bob with possession of his private key may decrypt the transmission and retrieve the original plaintext from Alice.
Since private keys are very sensitive, it is not a good idea to leave them lying around (on your disk or in your home directory). They need to be protected. So we wrap them using symmetric encryption using a passphrase. This way, we have two layers of security: in order to decrypt the data, the attacker needs something you have (the encrypted private key) and something you know (the passphrase to unlock the private key).
Changing the passphrase of a private key basically unwraps it from its old protection and creates a new protection with the new passphrase. The passphrase is never used in the transmission of the data between the two parties.
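The re-wrapping described above can be checked with ssh-keygen. This is an added example, not part of the original answer: it generates a throwaway key, changes its passphrase with -p, and confirms that the public key is unchanged while the old passphrase no longer unlocks the file. The file name, comment and passphrases are constructed values.

```shell
#!/bin/sh
# Added example: changing a passphrase re-wraps the private key file,
# it does not change the key pair. All names and passphrases below are
# constructed throwaway values. Passing passphrases with -P/-N exposes them
# in the process list, so do that only for a disposable demo key like this one.

# Print the public key derived from private key file $1, unlocked with passphrase $2.
pubkey_of() {
    ssh-keygen -y -P "$2" -f "$1"
}

# Return 0 when: the public key is identical before and after the change,
# the file on disk differs, and the old passphrase is rejected afterwards.
rewrap_demo() {
    dir=$(mktemp -d) || return 1
    key="$dir/id_demo"
    old='constructed old passphrase'
    new='constructed new passphrase'

    # Generate a passphrase-protected key pair (private key is stored wrapped).
    ssh-keygen -q -t ed25519 -N "$old" -C demo -f "$key" || { rm -rf "$dir"; return 1; }
    before=$(pubkey_of "$key" "$old")
    sum_before=$(cksum < "$key")

    # -p: unwrap with the old passphrase (-P), wrap again with the new one (-N).
    ssh-keygen -q -p -P "$old" -N "$new" -f "$key" >/dev/null 2>&1 \
        || { rm -rf "$dir"; return 1; }
    after=$(pubkey_of "$key" "$new")
    sum_after=$(cksum < "$key")

    rc=0
    # Same key pair: the derived public key did not change.
    [ -n "$before" ] && [ "$before" = "$after" ] || rc=1
    # Different wrapping: the encrypted private key file did change.
    [ "$sum_before" != "$sum_after" ] || rc=1
    # The old passphrase must no longer unlock the file.
    if pubkey_of "$key" "$old" >/dev/null 2>&1; then rc=1; fi

    rm -rf "$dir"
    return $rc
}
```

Because the public key is unchanged, nothing needs to be updated in authorized_keys on the remote side after a passphrase change.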
Best Answer
The default mode of duplicity is to use a symmetric key which consists of a simple passphrase. There's no way I would use that though: if you have to type the key, you can't run an unattended backup!
If you want to run an unattended backup, you have to pass duplicity a public key somehow. The only kind of public key that duplicity supports is GPG, and that requires a key pair. If you don't want more security than the passphrase provides, keep plenty of copies of the private key around (e.g. store it on every backup medium, and print it).
Note that you need to choose a really good passphrase (as in long and having high entropy) to get reasonable security from offline attacks (which is the threat here).