diff options
Diffstat (limited to 'faq/private-key-for-backup.mdwn')
-rw-r--r-- | faq/private-key-for-backup.mdwn | 25 |
1 files changed, 0 insertions, 25 deletions
diff --git a/faq/private-key-for-backup.mdwn b/faq/private-key-for-backup.mdwn deleted file mode 100644 index 5651f73..0000000 --- a/faq/private-key-for-backup.mdwn +++ /dev/null @@ -1,25 +0,0 @@ -[[!meta title="Why does Obnam want my PGP private key passphrase?"]] - -When doing an incremental backup, Obnam reads metadata back from the backup -repository to determine what it needs to back up. For example, names of -files and when they were last modified. The metadata is also encrypted, -and Obnam needs to decrypt it to be able to do an incremental backup. -That is why Obnam needs the passphrase. - -Depending on how your GnuPG and its related agent is configured, you -may need to type in the passphrase multiple times during a backup run. -This is because the agent may expire the passphrase: it will remember -it for, say, five minutes or an hour after you enter the passphrase, -but after that you may need to enter the passphrase again. This can be -awkward, and if you're not around to enter the passphrase, the backup -may be terminated in the middle. - -There's two ways around that: you can either configure your GnuPG -agent to remember the passphrase for a longer time, possibly -indefinitely, or you can use a private key without a passphrase. -Neither is unproblematic from a security point of view. - -In any case, it's not something that Obnam is part of. Obnam only runs -gpg, and if gpg talks to its agent, which asks for a passphrase, or -not, depending on the configuration. There's nothing Obnam can do to -affect this. |