I use Duplicati on Windows from the command line only. I do not use the GUI / automated scheduler.
I would like to understand the security issues surrounding the passphrase in my usage scenario.
- Is it possible to recover the passphrase from the contents of the .sqlite Configuration table in the backup job database, or is this a 1-way dataset that can only be used to validate the correct passphrase?
- When I supply --passphrase=whatever to Duplicati.CommandLine.exe, is the passphrase being cached anywhere on my system?
I read these posts…
Clear text password stored in Duplicati-server.sqlite
About Duplicati Security
Storage of encryption password
“Why don’t I have to re-enter my encryption password?” (post 1769 - I’m on my 3 hyperlink per post limit for new users)
After reading the above, I’m assuming that pure command line usage doesn’t involve Duplicati-server.sqlite at all (?)