Wednesday, January 25, 2012

Setting up Duplicity with GnuPG

I really enjoy the functionality of Duplicity. To install it on CentOS:

sudo yum install duplicity

If yum reports "No package duplicity available.", you need to install the EPEL repository first. For CentOS 6:

sudo rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm

Then try yum again.

To make a key using GnuPG:

gpg --gen-key

The defaults are fine. When the key is complete, make sure you copy down the key ID (the part after the slash on the pub line, 12345678 in the example below; it was shown in bold in the original) because you'll pass it to duplicity:

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/12345678 2012-01-26
.....

You might need to export the key if another user will use it. In my case, I had to create the keys as one user, but a different user would execute the backups.

gpg --output secret --export-secret-keys
gpg --output public --export

Then the other user needs to:

gpg --import /path/to/secret
gpg --import /path/to/public

You can verify the keys are there by:

gpg --list-keys

If you get these errors when using the key:

gpg: : There is no assurance this key belongs to the named user
gpg: [stdin]: sign+encrypt failed: Unusable public key

You should, as the user experiencing this error, run:

gpg --edit-key [key]
> trust
// decide how much to trust it
> save

Now to actually use duplicity: it'll most likely be run from cron, so a shell script works nicely. I like the way Justin Hartman did it, so there's really no need to reinvent what he did. Just ignore the AWS parts if you're not backing up there.
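As an added example (my own, not Justin Hartman's script or anything from the original post), here is a minimal cron-friendly wrapper that ties the steps above together: it refuses to run if the passphrase file is readable by other users, checks that the backup user's keyring actually holds and trusts the key (the cause of the "Unusable public key" error above), and then encrypts and signs with it. The key ID, paths and passphrase file location are constructed placeholders, and the permission check assumes Linux coreutils stat.

```shell
#!/bin/sh
# Cron-friendly duplicity wrapper around the key created above. The key ID,
# paths and passphrase file location are constructed placeholders.
set -eu

GPG_KEY_ID="${GPG_KEY_ID:-12345678}"    # ID from the "pub 2048R/12345678" line
SOURCE_DIR="${SOURCE_DIR:-/srv/data}"
TARGET_URL="${TARGET_URL:-file:///var/backups/duplicity}"
PASSPHRASE_FILE="${PASSPHRASE_FILE:-/root/.duplicity-passphrase}"
KEEP_FULL="${KEEP_FULL:-4}"             # full chains to keep when pruning

# 0 only if the file exists and group/other have no permission bits, so the
# passphrase is not readable by every local user (Linux coreutils stat).
passphrase_file_is_private() {
    [ -f "$1" ] || return 1
    case "$(stat -c %a "$1")" in
        *00) return 0 ;;
        *)   return 1 ;;
    esac
}

# Read `gpg --with-colons --list-keys KEY` on stdin; 0 if the pub record's
# validity field (field 2) is u (ultimate) or f (full). Anything else is what
# produces "There is no assurance this key belongs to the named user" and
# "Unusable public key" when duplicity calls gpg.
key_is_trusted() {
    awk -F: '$1 == "pub" && ($2 == "u" || $2 == "f") { ok = 1 }
             END { if (ok) exit 0; exit 1 }'
}

# Run the backup, encrypting and signing with the same key. A prefix such
# as "echo" can be passed to show the command line instead of running it.
duplicity_backup() {
    "$@" duplicity --encrypt-key "$GPG_KEY_ID" --sign-key "$GPG_KEY_ID" \
        --full-if-older-than 7D "$SOURCE_DIR" "$TARGET_URL"
}

run_backup() {
    passphrase_file_is_private "$PASSPHRASE_FILE" ||
        { echo "refusing: $PASSPHRASE_FILE missing or readable by others" >&2; return 1; }
    gpg --batch --with-colons --list-keys "$GPG_KEY_ID" | key_is_trusted ||
        { echo "key $GPG_KEY_ID not in this user's keyring or not trusted" >&2; return 1; }
    PASSPHRASE="$(cat "$PASSPHRASE_FILE")"   # duplicity reads the passphrase from PASSPHRASE
    export PASSPHRASE
    duplicity_backup
    duplicity remove-all-but-n-full "$KEEP_FULL" --force "$TARGET_URL"
    unset PASSPHRASE
}
# Only run when invoked as "backup.sh run", so the functions can be sourced.
if [ "${1:-}" = "run" ]; then run_backup; fi
```

Put the script in root's crontab with `run` as its argument; the functions above it can be sourced and exercised on their own.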
