<div dir="ltr">>>This indicates to me that you are right, Bob. The password was the password. There is no other key that's being created and stored somewhere. It also would seem to indicate that the password is somewhere on the backup drive, but I don't have any idea where on the drive that would be.<<<div><br></div><div>Hey Jim,</div><div>One thing to remember is that the key itself will probably be encrypted. That's likely what the password is for. It's less secure than a two-key system, but the single key would be worthless if anyone who found your key could come along and use it to unlock your encrypted asset. Like keeping your front door key under the welcome mat. Not very secure. So the password is simply to decrypt your key and make it usable for you and only you. The key probably stays decrypted just long enough for you to use it, and then the decrypted version disappears or something. The password would probably be part of the text (or all of it) that is used to encrypt the key. Providing that password back into the decryption formula would decrypt the key. In this case the password would not need to be stored anywhere. I'm no expert on encryption--there are many who are on this list--but I think that's how it works... or maybe some other way!!! ;-D</div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Aug 24, 2020 at 4:19 PM Jim Ransone via Ale <<a href="mailto:ale@ale.org">ale@ale.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto"><div dir="auto"><span style="font-family:sans-serif">Much thanks to everyone for the suggestions and advice so far! Here is an update:</span><div dir="auto" style="font-family:sans-serif"><br></div><div dir="auto" style="font-family:sans-serif">I have attempted to duplicate the entire scenario on an older spare laptop.</div><div dir="auto" style="font-family:sans-serif"><br></div><div dir="auto" style="font-family:sans-serif">- I installed the same OS - Ubuntu Studio 20.04. </div><div dir="auto" style="font-family:sans-serif">- I created a folder and filled it with a handful of files.</div><div dir="auto" style="font-family:sans-serif">- I used Deja Dup to back up the folder onto a usb flash drive. (Didn't want to risk doing something weird to my actual backup drive.) Was asked to create a password.</div><div dir="auto" style="font-family:sans-serif">- Reinstalled Ubuntu Studio 20.04 with the same settings as before (erasing everything.)</div><div dir="auto" style="font-family:sans-serif">- Reinstalled Deja Dup.</div><div dir="auto" style="font-family:sans-serif">- Used Deja Dup with the password to successfully restore the backup.</div><div dir="auto" style="font-family:sans-serif"><br></div><div dir="auto" style="font-family:sans-serif">This indicates to me that you are right, Bob. The password was the password. There is no other key that's being created and stored somewhere. It also would seem to indicate that the password is somewhere on the backup drive, but I don't have any idea where on the drive that would be.</div><div dir="auto" style="font-family:sans-serif"><br></div><div dir="auto" style="font-family:sans-serif">So either I am misremembering the original password, as you suggested, Bob, or there is some other issue. I have seen comments online about a bug that cause it to sometimes fail to store the key.</div><div dir="auto" style="font-family:sans-serif"><br></div><div dir="auto" style="font-family:sans-serif">Jim</div><div dir="auto" style="font-family:sans-serif"><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Aug 24, 2020, 3:51 PM DJ-Pfulio via Ale <<a href="mailto:ale@ale.org" rel="noreferrer" target="_blank">ale@ale.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">If you have backups, but have never attempted to restore them onto a new system, you don't actually have any backups. You have "hope and prayers." We know how well that works.<br>
<br>
IT pros get called into clients all the time where they've been doing backups for years, but never tested them. Turns out all that time and effort was useless because of some small issue. Corruption, constant failures the last 5 yrs, missing encryption key, so key part of the data not included in the stored backups. There's always something. Always.<br>
<br>
If you've never tested the restore for your backups, in a clean-room environment, then it is highly, likely that they won't work.<br>
<br>
Of course, if you have the money and time to clone 50 HDDs to have 50 backup versions, fantastic. 1 copy is great, but what happens if a file gets malware and nobody notices for 60 days? 120 days - 180 days of versioned backups are pretty easy and really don't take much storage.<br>
<br>
Cloning is the brute force backup method. Extremely wasteful and unnecessary for Unix systems. I'd love to know how to have 180 days of cloned storage for high risk systems. Whereas versioned backups for the email gateway here are:<br>
Time Size Cumulative size<br>
-----------------------------------------------------------------------------<br>
Sun Aug 23 01:30:02 2020 63.1 MB 63.1 MB (current mirror)<br>
Sat Aug 22 01:30:02 2020 1.86 KB 63.1 MB<br>
Fri Aug 21 01:30:02 2020 496 bytes 63.1 MB<br>
Thu Aug 20 01:30:02 2020 895 bytes 63.1 MB<br>
...<br>
Wed Apr 29 01:30:02 2020 788 bytes 63.4 MB<br>
Tue Apr 28 16:27:34 2020 744 bytes 63.4 MB<br>
Mon Apr 27 01:30:02 2020 11.6 KB 63.4 MB<br>
Sun Apr 26 01:30:02 2020 866 bytes 63.4 MB<br>
<br>
That system uses:<br>
$ df -hT<br>
Filesystem Type Size Used Avail Use% Mounted on<br>
/dev/vda1 ext4 8.8G 4.3G 4.1G 52% /<br>
<br>
Why backup 4G when 64MB will do? Just sayin'.<br>
<br>
On 8/24/20 2:45 PM, Jim Ransone via Ale wrote:<br>
> David, thanks for the advice!<br>
> <br>
> Bob, does "single key" mean that my password is the key itself?<br>
> <br>
> <br>
> On Mon, Aug 24, 2020, 2:23 PM Bob via Ale <<a href="mailto:ale@ale.org" rel="noreferrer noreferrer" target="_blank">ale@ale.org</a> <mailto:<a href="mailto:ale@ale.org" rel="noreferrer noreferrer" target="_blank">ale@ale.org</a>>> wrote:<br>
> <br>
> <br>
> From ddging it looks like Deja Dup uses a single key (symmetric cipher).<br>
> <br>
> The OP wrote: "I tried the password and it acted busy for a little<br>
> while and then asked for the password again. Not sure what that means."<br>
> <br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org" rel="noreferrer noreferrer" target="_blank">Ale@ale.org</a><br>
<a href="https://mail.ale.org/mailman/listinfo/ale" rel="noreferrer noreferrer noreferrer" target="_blank">https://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer noreferrer noreferrer" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</blockquote></div></div>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org" target="_blank">Ale@ale.org</a><br>
<a href="https://mail.ale.org/mailman/listinfo/ale" rel="noreferrer" target="_blank">https://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</blockquote></div>