How can I make Deja Dup use AES 256 as the encryption algorithm?

by user12681   Last Updated August 01, 2020 14:02 PM

I'm using Deja Dup on Oneiric Ocelot.

How can I make it use AES 256 as the algorithm for encryption?

Or for that matter, how can I control which encryption algorithm is used?

Deja Dup uses duplicity which in turn uses GnuPG. GnuPG uses CAST5 by default, but it also supports AES-256. However, I have no idea what parameters Deja Dup passes to duplicity and what parameters duplicity passes to GnuPG. So... how can I control which algorithm is used?

Answers 3

Per Michael Terry, "Deja Dup uses the default in GnuPG, which as of this writing is CAST5. This can't be changed via Deja Dup."

January 15, 2012 20:28 PM

I know this is a bit late but if you put s2k-cipher-algo AES256 in ~/.gnupg/gpg.conf then all your deja-dup backups will be encrypted with AES256. The only downside to this is that if you didn't have this option enabled from the first backup, all your other backups become pointless at that point because you'll need to delete them all and start over. So before you set the option please pick your backups for files that need to be kept.

Jordon Bedwell
Jordon Bedwell
March 21, 2012 08:46 AM

you can use

duplicity [source] [destination] --gpg-options '--cipher-algo AES256'

in htop you can confirm that gpg is using AES256

But according to wikipedia "By default, GnuPG uses the AES symmetrical algorithm since version 2.1"

August 01, 2020 13:48 PM

Related Questions

Unable to restore files with Deja Dup on Kubuntu 18.04

Updated February 16, 2019 20:02 PM