From 3326340addd773795f967823ea2371bb5399b247 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 16 Feb 2018 10:49:51 +0000 Subject: [PATCH 01/12] Wording --- doc/EN/app_bdsmail.org | 2 +- website/EN/app_bdsmail.html | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/doc/EN/app_bdsmail.org b/doc/EN/app_bdsmail.org index 2703a7fa..e5ada578 100644 --- a/doc/EN/app_bdsmail.org +++ b/doc/EN/app_bdsmail.org @@ -30,4 +30,4 @@ ssh myusername@mydomain.com -p 2222 Select *Administrator controls* then *App Settings* then *bdsmail*. It may take a while to install, due to the creation of keys. -After installation if you exit from *Administrator controls* back to the user control panel then select the option to show your email address. You will now have a new bdsmail address which ends with /.b32.i2p/. If you then select *Use Email* to run the Mutt email client you'll notice that you now have a folder called *i2p*. If you select that folder (move up and down with /CTRL+n/ or /CTRL+p/ and open with /CTRL+o/) you can then send email from your new address, or receive mail to it. Just like ordinary email, but with a more random-looking address. +After installation exit from *Administrator controls* back to the user control panel then select the option to *show your email address*. You will now have a new bdsmail address which ends with /.b32.i2p/. If you then select *Use Email* to run the Mutt email client you'll notice that you now have a folder called *i2p*. If you select that folder (move up and down with /CTRL+n/ or /CTRL+p/ and open with /CTRL+o/) you can then send email from your new address, or receive mail to it. Just like ordinary email, but with a more random-looking address. diff --git a/website/EN/app_bdsmail.html b/website/EN/app_bdsmail.html index afe38cf6..a4d5c850 100644 --- a/website/EN/app_bdsmail.html +++ b/website/EN/app_bdsmail.html @@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + 
@@ -256,9 +256,9 @@ BDS Mail (aka "Brain Dead Simple Mail") is an optional addition to the existing It's unlikely that many people will use this. If it's hard to persuade anyone to use GPG or Enigmail then it will be next to impossible to persuade them to switch to BDS Mail unless they're already obsessive about technical security. However, this provides yet another option for reasonably secure communications if other methods fail or are untrustable.

-
-

Installation

-
+
+

Installation

+

ssh into the system with:

@@ -273,7 +273,7 @@ Select Administrator controls then App Settings then bdsmail

-After installation if you exit from Administrator controls back to the user control panel then select the option to show your email address. You will now have a new bdsmail address which ends with .b32.i2p. If you then select Use Email to run the Mutt email client you'll notice that you now have a folder called i2p. If you select that folder (move up and down with CTRL+n or CTRL+p and open with CTRL+o) you can then send email from your new address, or receive mail to it. Just like ordinary email, but with a more random-looking address. +After installation exit from Administrator controls back to the user control panel then select the option to show your email address. You will now have a new bdsmail address which ends with .b32.i2p. If you then select Use Email to run the Mutt email client you'll notice that you now have a folder called i2p. If you select that folder (move up and down with CTRL+n or CTRL+p and open with CTRL+o) you can then send email from your new address, or receive mail to it. Just like ordinary email, but with a more random-looking address.

From f84f6aff3ae622a1545118b73c2a6bbe074eada5 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 16 Feb 2018 11:55:20 +0000 Subject: [PATCH 02/12] add/remove not app settings --- doc/EN/app_bdsmail.org | 2 +- website/EN/app_bdsmail.html | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/doc/EN/app_bdsmail.org b/doc/EN/app_bdsmail.org index e5ada578..8830abd7 100644 --- a/doc/EN/app_bdsmail.org +++ b/doc/EN/app_bdsmail.org @@ -28,6 +28,6 @@ ssh into the system with: ssh myusername@mydomain.com -p 2222 #+END_SRC -Select *Administrator controls* then *App Settings* then *bdsmail*. It may take a while to install, due to the creation of keys. +Select *Administrator controls* then *Add/Remove Apps* then *bdsmail*. It may take a while to install, due to the creation of keys. After installation exit from *Administrator controls* back to the user control panel then select the option to *show your email address*. You will now have a new bdsmail address which ends with /.b32.i2p/. If you then select *Use Email* to run the Mutt email client you'll notice that you now have a folder called *i2p*. If you select that folder (move up and down with /CTRL+n/ or /CTRL+p/ and open with /CTRL+o/) you can then send email from your new address, or receive mail to it. Just like ordinary email, but with a more random-looking address. diff --git a/website/EN/app_bdsmail.html b/website/EN/app_bdsmail.html index a4d5c850..8d22c13a 100644 --- a/website/EN/app_bdsmail.html +++ b/website/EN/app_bdsmail.html @@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + 
@@ -256,9 +256,9 @@ BDS Mail (aka "Brain Dead Simple Mail") is an optional addition to the existing It's unlikely that many people will use this. If it's hard to persuade anyone to use GPG or Enigmail then it will be next to impossible to persuade them to switch to BDS Mail unless they're already obsessive about technical security. However, this provides yet another option for reasonably secure communications if other methods fail or are untrustable.

-
-

Installation

-
+
+

Installation

+

ssh into the system with:

@@ -269,7 +269,7 @@ ssh into the system with:

-Select Administrator controls then App Settings then bdsmail. It may take a while to install, due to the creation of keys. +Select Administrator controls then Add/Remove Apps then bdsmail. It may take a while to install, due to the creation of keys.

From 8f6c364229729f41b3443bb3e6956dbbb357ecec Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 16 Feb 2018 13:22:52 +0000 Subject: [PATCH 03/12] Show bdsmail address as a QR code --- src/freedombone-controlpanel-user | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/freedombone-controlpanel-user b/src/freedombone-controlpanel-user index 4e7879e4..ecdf1044 100755 --- a/src/freedombone-controlpanel-user +++ b/src/freedombone-controlpanel-user @@ -894,6 +894,12 @@ function show_your_email_address { dialog --title $"Show your Email Address" \ --backtitle $"Freedombone User Control Panel" \ --msgbox $"\nYou can press SHIFT and then drag the mouse and right click to copy.\n\nEmail Address: $MY_EMAIL_ADDRESS\n\nKey ID: $GPG_ID\n\nFingerprint: $GPG_FINGERPRINT\n\nCreated: $GPG_DATE\n\nI2P Address: ${bdsmail_address}" 17 90 + clear + echo '' + echo $'Your bdsmail address as a QR code' + echo '' + echo -n "${bdsmail_address}" | qrencode -t UTF8 + any_key fi } From c2e0f68541fe6c5bce9fcef27b19e318d05cfd13 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 16 Feb 2018 13:25:58 +0000 Subject: [PATCH 04/12] Also show bdsmail address --- src/freedombone-controlpanel-user | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/freedombone-controlpanel-user b/src/freedombone-controlpanel-user index ecdf1044..7e35a211 100755 --- a/src/freedombone-controlpanel-user +++ b/src/freedombone-controlpanel-user @@ -899,6 +899,9 @@ function show_your_email_address { echo $'Your bdsmail address as a QR code' echo '' echo -n "${bdsmail_address}" | qrencode -t UTF8 + echo '' + echo "${bdsmail_address}" + echo '' any_key fi } From a34b251cb91350f8274c95a459f464015e813df4 Mon Sep 17 00:00:00 2001 
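Review bot: The new heading in show_your_email_address is written as `echo $'Your bdsmail address as a QR code'`, which is ANSI-C quoting, while the dialog strings directly above it use the translatable `$"..."` form. It should read `echo $"Your bdsmail address as a QR code"` so the string is handled like the others. The hunk also pipes into `qrencode` without checking that the tool is installed, so a missing binary leaves the user with a command-not-found error before `any_key`. Wrapping the QR block in `if command -v qrencode >/dev/null; then ... fi` would avoid that. The function body starts outside the hunk.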
From: Bob Mottram Date: Sat, 17 Feb 2018 14:19:32 +0000 Subject: [PATCH 05/12] gpg agent for root --- src/freedombone-backup-local | 1 + src/freedombone-backup-remote | 3 ++- src/freedombone-restore-local | 1 + src/freedombone-restore-remote | 1 + 4 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/freedombone-backup-local b/src/freedombone-backup-local index 482f6162..5510a46b 100755 --- a/src/freedombone-backup-local +++ b/src/freedombone-backup-local @@ -373,6 +373,7 @@ if [[ $1 == "remove" ]]; then remove_option=$1 fi +gpg_agent_setup root backup_mount_drive $1 $2 remove_backup_directory $remove_option make_backup_directory diff --git a/src/freedombone-backup-remote b/src/freedombone-backup-remote index 69e3f529..c272bb9c 100755 --- a/src/freedombone-backup-remote +++ b/src/freedombone-backup-remote @@ -13,7 +13,7 @@ # License # ======= # -# Copyright (C) 2015-2016 Bob Mottram +# Copyright (C) 2015-2018 Bob Mottram # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by @@ -430,6 +430,7 @@ if [[ "$1" == "test" ]]; then TEST_MODE="yes" fi +gpg_agent_setup root backup_configfiles if [[ $TEST_MODE == "no" ]]; then backup_blocklist diff --git a/src/freedombone-restore-local b/src/freedombone-restore-local index bacbe5cb..74a89429 100755 --- a/src/freedombone-restore-local +++ b/src/freedombone-restore-local @@ -956,6 +956,7 @@ backup_mount_drive ${1} ${ADMIN_USERNAME} ${2} check_backup_exists check_admin_user copy_gpg_keys +gpg_agent_setup root restore_blocklist restore_configfiles same_admin_user diff --git a/src/freedombone-restore-remote b/src/freedombone-restore-remote index 61226fdc..4cc0be8c 100755 --- a/src/freedombone-restore-remote +++ b/src/freedombone-restore-remote 
@@ -857,6 +857,7 @@ function restore_email { ${PROJECT_NAME}-recoverkey -u ${ADMIN_USERNAME} -l $BACKUP_LIST copy_gpg_keys +gpg_agent_setup root restore_blocklist restore_configfiles restore_passwordstore From 3dec7889b06cd0b5a0d6c07574e7d9dfde9be4bc Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sat, 17 Feb 2018 14:29:17 +0000 Subject: [PATCH 06/12] Use agent --- src/freedombone-utils-gpg | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/freedombone-utils-gpg b/src/freedombone-utils-gpg index 42e985e4..637986de 100755 --- a/src/freedombone-utils-gpg +++ b/src/freedombone-utils-gpg @@ -228,6 +228,9 @@ function gpg_agent_setup { echo 'GPG_TTY=$(tty)' >> /root/.bashrc echo 'export GPG_TTY' >> /root/.bashrc fi + if grep -q '# use-agent' /root/.gnupg/gpg.conf; then + sed -i 's|# use-agent|use-agent|g' /root/.gnupg/gpg.conf + fi if ! grep -q 'use-agent' /root/.gnupg/gpg.conf; then echo 'use-agent' >> /root/.gnupg/gpg.conf fi @@ -240,6 +243,9 @@ function gpg_agent_setup { if ! grep -q 'allow-loopback-pinentry' /root/.gnupg/gpg-agent.conf; then echo 'allow-loopback-pinentry' >> /root/.gnupg/gpg-agent.conf fi + if [ -f /root/.gnupg/S.dirmngr ]; then + rm /root/.gnupg/S.dirmngr + fi echo RELOADAGENT | gpg-connect-agent else if ! grep -q 'GPG_TTY' /home/$gpg_username/.bashrc; then @@ -248,6 +254,9 @@ function gpg_agent_setup { echo 'export GPG_TTY' >> /home/$gpg_username/.bashrc chown $gpg_username:$gpg_username /home/$gpg_username/.bashrc fi + if grep -q '# use-agent' /home/$gpg_username/.gnupg/gpg.conf; then + sed -i 's|# use-agent|use-agent|g' /home/$gpg_username/.gnupg/gpg.conf + fi if ! grep -q 'use-agent' /home/$gpg_username/.gnupg/gpg.conf; then echo 'use-agent' >> /home/$gpg_username/.gnupg/gpg.conf fi 
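Review bot: The uncomment step added to gpg_agent_setup at `@@ -228,6 +228,9 @@` only recognises the exact spelling `# use-agent`, and the existing `grep -q 'use-agent'` that follows matches any line containing that substring. A gpg.conf holding `#use-agent` (no space) or `no-use-agent` therefore passes the second test without the option ever being enabled. Anchoring both patterns closes the gap: `sed -i 's|^#[[:space:]]*use-agent|use-agent|' /root/.gnupg/gpg.conf` and `grep -q '^use-agent'`. The same pair is added for `/home/$gpg_username` at `@@ -248,6 +254,9 @@`, where the path is also unquoted in the `sed` call and in the `rm` added at `@@ -260,6 +269,9 @@`.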
@@ -260,6 +269,9 @@ function gpg_agent_setup { if ! grep -q 'allow-loopback-pinentry' /home/$gpg_username/.gnupg/gpg-agent.conf; then echo 'allow-loopback-pinentry' >> /home/$gpg_username/.gnupg/gpg-agent.conf fi + if [ -f /home/$gpg_username/.gnupg/S.dirmngr ]; then + rm /home/$gpg_username/.gnupg/S.dirmngr + fi if [[ "$gpg_username" != "$USER" ]]; then su -c "echo RELOADAGENT | gpg-connect-agent" - $gpg_username else From d528d904cca49493120503aaa4e8fcad155a7ca6 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sat, 17 Feb 2018 14:34:40 +0000 Subject: [PATCH 07/12] Simplify --- src/freedombone-utils-gpg | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-) diff --git a/src/freedombone-utils-gpg b/src/freedombone-utils-gpg index 637986de..e5790582 100755 --- a/src/freedombone-utils-gpg +++ b/src/freedombone-utils-gpg @@ -234,15 +234,9 @@ function gpg_agent_setup { if ! grep -q 'use-agent' /root/.gnupg/gpg.conf; then echo 'use-agent' >> /root/.gnupg/gpg.conf fi - if ! grep -q 'pinentry-mode loopback' /root/.gnupg/gpg.conf; then - echo 'pinentry-mode loopback' >> /root/.gnupg/gpg.conf - fi - if [ ! -f /root/.gnupg/gpg-agent.conf ]; then - touch /root/.gnupg/gpg-agent.conf - fi - if ! grep -q 'allow-loopback-pinentry' /root/.gnupg/gpg-agent.conf; then - echo 'allow-loopback-pinentry' >> /root/.gnupg/gpg-agent.conf - fi + echo 'default-cache-ttl 300' > /root/.gnupg/gpg-agent.conf + echo 'max-cache-ttl 999999' >> /root/.gnupg/gpg-agent.conf + echo 'allow-loopback-pinentry' >> /root/.gnupg/gpg-agent.conf if [ -f /root/.gnupg/S.dirmngr ]; then rm /root/.gnupg/S.dirmngr fi 
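Review bot: `echo 'default-cache-ttl 300' > /root/.gnupg/gpg-agent.conf` truncates the file on every call, so any agent setting already present is lost each time gpg_agent_setup runs, and the earlier patch in this series calls `gpg_agent_setup root` in every backup and restore script. The replacement also sets `max-cache-ttl 999999`, which lets a cached passphrase stay usable for roughly eleven and a half days provided it keeps being used. If that ceiling is intended for unattended backups it deserves a comment saying so; otherwise a much smaller value is safer. Keeping the removed grep-then-append pattern for each of the three options would preserve existing settings. This hunk also removes the `pinentry-mode loopback` check for root while the `/home/$gpg_username` hunk at `@@ -263,12 +257,9 @@` keeps it as context, so it is worth confirming that the asymmetry is deliberate.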
@@ -263,12 +257,9 @@ function gpg_agent_setup { if ! grep -q 'pinentry-mode loopback' /home/$gpg_username/.gnupg/gpg.conf; then echo 'pinentry-mode loopback' >> /home/$gpg_username/.gnupg/gpg.conf fi - if [ ! -f /home/$gpg_username/.gnupg/gpg-agent.conf ]; then - touch /home/$gpg_username/.gnupg/gpg-agent.conf - fi - if ! grep -q 'allow-loopback-pinentry' /home/$gpg_username/.gnupg/gpg-agent.conf; then - echo 'allow-loopback-pinentry' >> /home/$gpg_username/.gnupg/gpg-agent.conf - fi + echo 'default-cache-ttl 300' > /home/$gpg_username/.gnupg/gpg-agent.conf + echo 'max-cache-ttl 999999' >> /home/$gpg_username/.gnupg/gpg-agent.conf + echo 'allow-loopback-pinentry' >> /home/$gpg_username/.gnupg/gpg-agent.conf if [ -f /home/$gpg_username/.gnupg/S.dirmngr ]; then rm /home/$gpg_username/.gnupg/S.dirmngr fi From 6e5ffcc9ea992cb674d1f28c59b4a8e23e5e4271 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sat, 17 Feb 2018 14:41:45 +0000 Subject: [PATCH 08/12] Handling user agent during user files backup --- src/freedombone-backup-local | 3 +++ src/freedombone-backup-remote | 2 ++ 2 files changed, 5 insertions(+) diff --git a/src/freedombone-backup-local b/src/freedombone-backup-local index 5510a46b..c8dc4fa8 100755 --- a/src/freedombone-backup-local +++ b/src/freedombone-backup-local @@ -113,6 +113,7 @@ function backup_users { for d in /home/*/ ; do USERNAME=$(echo "$d" | awk -F '/' '{print $3}') if [[ $(is_valid_user "$USERNAME") == "1" ]]; then + gpg_agent_setup $USERNAME # Backup any gpg keys if [ -d /home/$USERNAME/.gnupg ]; then @@ -212,6 +213,8 @@ function backup_users { cp /home/$USERNAME/.procmailrc /home/$USERNAME/tempbackup backup_directory_to_usb /home/$USERNAME/tempbackup procmail/$USERNAME fi + + gpg_agent_enable $USERNAME fi done } diff --git a/src/freedombone-backup-remote b/src/freedombone-backup-remote index c272bb9c..0169b648 100755 --- a/src/freedombone-backup-remote +++ b/src/freedombone-backup-remote 
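Review bot: The three `echo ... > /home/$gpg_username/.gnupg/gpg-agent.conf` writes appear to run as root (the same function uses `su -c ... - $gpg_username` and chowns `.bashrc` after editing it), yet no `chown` follows them in this hunk. A newly created gpg-agent.conf would then be owned by root inside the user's `.gnupg`. Because the target sits in a directory the user controls, a redirect performed by root also follows a symlink placed at that name and truncates whatever it points to. Doing the write as the user, the way the function already reloads the agent, avoids both problems; failing that, skip the write when `[ -L "/home/$gpg_username/.gnupg/gpg-agent.conf" ]` is true and finish with `chown "$gpg_username":"$gpg_username" "/home/$gpg_username/.gnupg/gpg-agent.conf"`. The function continues outside the hunk, so a later chown may already exist there.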
@@ -157,6 +157,7 @@ function backup_users { for d in /home/*/ ; do USERNAME=$(echo "$d" | awk -F '/' '{print $3}') if [[ $(is_valid_user "$USERNAME") == "1" ]]; then + gpg_agent_setup $USERNAME # personal settings if [ -d /home/$USERNAME/personal ]; then @@ -266,6 +267,7 @@ function backup_users { echo $"Backing up emails for $USERNAME" backup_directory_to_friend /root/backupemail/$USERNAME mail/$USERNAME fi + gpg_agent_enable $USERNAME fi done } From e0832a2d4f6af631d9de4126fdc46a379cbe0c46 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sat, 17 Feb 2018 14:50:09 +0000 Subject: [PATCH 09/12] Backup with use-agent --- src/freedombone-utils-backup | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/freedombone-utils-backup b/src/freedombone-utils-backup index e3d2a22b..f38444a7 100755 --- a/src/freedombone-utils-backup +++ b/src/freedombone-utils-backup @@ -282,7 +282,7 @@ function backup_database_local_usb { function backup_directory_to_usb_duplicity { create_backups_temp_directory - echo "$BACKUP_DUMMY_PASSWORD" | duplicity full --gpg-options "$BACKUP_GPG_OPTIONS" --tempdir $BACKUP_TEMP_DIRECTORY --encrypt-key $MY_BACKUP_KEY_ID --full-if-older-than 4W --exclude-other-filesystems ${1} file://$USB_MOUNT/backup/${2} + echo "$BACKUP_DUMMY_PASSWORD" | duplicity full --use-agent --gpg-options "$BACKUP_GPG_OPTIONS" --tempdir $BACKUP_TEMP_DIRECTORY --encrypt-key $MY_BACKUP_KEY_ID --full-if-older-than 4W --exclude-other-filesystems ${1} file://$USB_MOUNT/backup/${2} if [ ! "$?" = "0" ]; then umount $USB_MOUNT rm -rf $USB_MOUNT 
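Review bot: With `--use-agent` added to the `duplicity full` call in backup_directory_to_usb_duplicity, the line no longer shows which secret unlocks the key: duplicity is told to use gpg-agent, but `$BACKUP_DUMMY_PASSWORD` is still piped to it on stdin. A short comment above the command stating where the passphrase is expected to come from, and why the piped value remains, would let the next reader check the key handling. If the piped value is still the real passphrase, `--use-agent` is presumably unnecessary. The same applies to backup_directory_to_friend_duplicity at `@@ -412,7 +412,7 @@` and to the two `duplicity verify` lines changed in the final patch. On all four rewritten lines `${1}`, `${2}`, `$USB_MOUNT` and `$BACKUP_TEMP_DIRECTORY` are unquoted, so a path containing whitespace would be split into several arguments.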
@@ -412,7 +412,7 @@ function set_user_permissions { function backup_directory_to_friend_duplicity { create_backups_temp_directory - echo "$BACKUP_DUMMY_PASSWORD" | duplicity full --gpg-options "$BACKUP_GPG_OPTIONS" --tempdir $BACKUP_TEMP_DIRECTORY --ssh-askpass --encrypt-key ${ADMIN_BACKUP_KEY_ID} --full-if-older-than 4W --exclude-other-filesystems ${1} $SERVER_DIRECTORY/backup/${2} + echo "$BACKUP_DUMMY_PASSWORD" | duplicity full --use-agent --gpg-options "$BACKUP_GPG_OPTIONS" --tempdir $BACKUP_TEMP_DIRECTORY --ssh-askpass --encrypt-key ${ADMIN_BACKUP_KEY_ID} --full-if-older-than 4W --exclude-other-filesystems ${1} $SERVER_DIRECTORY/backup/${2} if [ ! "$?" = "0" ]; then if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then shred -zu ${1}/* From b8327a446106762a8732f525091630ece78ef889 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sat, 17 Feb 2018 15:00:00 +0000 Subject: [PATCH 10/12] User agent setup not needed for users during backup --- src/freedombone-backup-local | 2 -- src/freedombone-backup-remote | 2 -- 2 files changed, 4 deletions(-) diff --git a/src/freedombone-backup-local b/src/freedombone-backup-local index c8dc4fa8..b31c6251 100755 --- a/src/freedombone-backup-local +++ b/src/freedombone-backup-local @@ -113,8 +113,6 @@ function backup_users { for d in /home/*/ ; do USERNAME=$(echo "$d" | awk -F '/' '{print $3}') if [[ $(is_valid_user "$USERNAME") == "1" ]]; then - gpg_agent_setup $USERNAME - # Backup any gpg keys if [ -d /home/$USERNAME/.gnupg ]; then echo $"Backing up gpg keys for $USERNAME" diff --git a/src/freedombone-backup-remote b/src/freedombone-backup-remote index 0169b648..a560c69e 100755 --- a/src/freedombone-backup-remote +++ b/src/freedombone-backup-remote 
@@ -157,8 +157,6 @@ function backup_users { for d in /home/*/ ; do USERNAME=$(echo "$d" | awk -F '/' '{print $3}') if [[ $(is_valid_user "$USERNAME") == "1" ]]; then - gpg_agent_setup $USERNAME - # personal settings if [ -d /home/$USERNAME/personal ]; then echo $"Backing up personal settings for $USERNAME" From 05c53ce59c0e44321233a335fa6b780943b62e72 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sat, 17 Feb 2018 15:07:52 +0000 Subject: [PATCH 11/12] Stopping and restarting pleroma during backups --- src/freedombone-app-pleroma | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/freedombone-app-pleroma b/src/freedombone-app-pleroma index caa3bc8c..a097351d 100755 --- a/src/freedombone-app-pleroma +++ b/src/freedombone-app-pleroma @@ -744,6 +744,8 @@ function backup_local_pleroma { PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain") fi + systemctl stop pleroma + function_check suspend_site suspend_site ${PLEROMA_DOMAIN_NAME} @@ -757,6 +759,8 @@ function backup_local_pleroma { function_check restart_site restart_site + + systemctl restart pleroma } function restore_local_pleroma { @@ -769,6 +773,8 @@ function restore_local_pleroma { temp_restore_dir=/root/temppleroma pleroma_dir=$PLEROMA_DIR + systemctl stop pleroma + PLEROMA_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_pleroma/hostname) function_check pleroma_create_database pleroma_create_database @@ -797,6 +803,8 @@ function backup_remote_pleroma { PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain") fi + systemctl stop pleroma + function_check suspend_site suspend_site ${PLEROMA_DOMAIN_NAME} @@ -810,6 +818,8 @@ function backup_remote_pleroma { function_check restart_site restart_site + + systemctl restart pleroma } function restore_remote_pleroma { 
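Review bot: `systemctl stop pleroma` is added near the top of backup_local_pleroma and the matching `systemctl restart pleroma` only at the very end, so any early exit between the two leaves the service down. The duplicity helpers elsewhere in this series end in `exit` on failure (for example `exit 8352925`); if the backup step here goes through them, a failed backup would never reach the restart. backup_remote_pleroma at `@@ -797,6 +803,8 @@` and `@@ -810,6 +818,8 @@` has the same shape. The two restore hunks, `@@ -769,6 +773,8 @@` and `@@ -822,6 +832,8 @@`, add a stop with no start or restart visible; those functions continue outside the hunks, so confirm that one follows. A comment such as `# pleroma stays stopped until the restart at the end of this function; failure paths must restart it too` would record the requirement.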
@@ -822,6 +832,8 @@ function restore_remote_pleroma { temp_restore_dir=/root/temppleroma pleroma_dir=$PLEROMA_DIR + systemctl stop pleroma + PLEROMA_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_pleroma/hostname) function_check pleroma_create_database pleroma_create_database From c9a92fd4f71c3341d9f4fd8c40edad5dc2707b78 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sat, 17 Feb 2018 15:19:59 +0000 Subject: [PATCH 12/12] Use agent during verification --- src/freedombone-utils-backup | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/freedombone-utils-backup b/src/freedombone-utils-backup index f38444a7..a5b1f0d6 100755 --- a/src/freedombone-utils-backup +++ b/src/freedombone-utils-backup @@ -296,7 +296,7 @@ function backup_directory_to_usb_duplicity { exit 8352925 fi if [[ $ENABLE_BACKUP_VERIFICATION == "yes" ]]; then - echo "$BACKUP_DUMMY_PASSWORD" | duplicity verify --gpg-options "$BACKUP_GPG_OPTIONS" --tempdir $BACKUP_TEMP_DIRECTORY --encrypt-key $MY_BACKUP_KEY_ID --full-if-older-than 4W --exclude-other-filesystems ${1} file://$USB_MOUNT/backup/${2} + echo "$BACKUP_DUMMY_PASSWORD" | duplicity verify --use-agent --gpg-options "$BACKUP_GPG_OPTIONS" --tempdir $BACKUP_TEMP_DIRECTORY --encrypt-key $MY_BACKUP_KEY_ID --full-if-older-than 4W --exclude-other-filesystems ${1} file://$USB_MOUNT/backup/${2} if [ ! "$?" = "0" ]; then umount $USB_MOUNT rm -rf $USB_MOUNT 
@@ -424,7 +424,7 @@ function backup_directory_to_friend_duplicity { exit 5293526 fi if [[ $ENABLE_BACKUP_VERIFICATION == "yes" ]]; then - echo "$BACKUP_DUMMY_PASSWORD" | duplicity verify --gpg-options "$BACKUP_GPG_OPTIONS" --tempdir $BACKUP_TEMP_DIRECTORY --ssh-askpass --encrypt-key ${ADMIN_BACKUP_KEY_ID} --full-if-older-than 4W --exclude-other-filesystems ${1} $SERVER_DIRECTORY/backup/${2} + echo "$BACKUP_DUMMY_PASSWORD" | duplicity verify --use-agent --gpg-options "$BACKUP_GPG_OPTIONS" --tempdir $BACKUP_TEMP_DIRECTORY --ssh-askpass --encrypt-key ${ADMIN_BACKUP_KEY_ID} --full-if-older-than 4W --exclude-other-filesystems ${1} $SERVER_DIRECTORY/backup/${2} if [ ! "$?" = "0" ]; then if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then shred -zu ${1}/*