Running duplicacy init with a BackBlaze website-generated API key works as expected:
bob@dev0:~# export DUPLICACY_B2_ID=<redacted>0034; export DUPLICACY_B2_KEY=<redacted>
bob@dev0:~# duplicacy -d -v init test b2://temp250908
Reading the environment variable DUPLICACY_B2_ID
Reading the environment variable DUPLICACY_B2_KEY
Download URL is: https://f001.backblazeb2.com
Reading the environment variable DUPLICACY_B2_ID
Reading the environment variable DUPLICACY_B2_KEY
[0] URL request 'HEAD https://f001.backblazeb2.com/file/temp250908/config' returned status code 404
https://f001.backblazeb2.com/file/temp250908/config did not return headers
[0] URL request 'HEAD https://f001.backblazeb2.com/file/temp250908/config' returned status code 404
https://f001.backblazeb2.com/file/temp250908/config did not return headers
Compression level: 100
Average chunk size: 4194304
Maximum chunk size: 16777216
Minimum chunk size: 1048576
Chunk seed: 6475706c6963616379
Hash key: 6475706c6963616379
ID key: 6475706c6963616379
However, when I try to use an API key generated with the b2 CLI tool having the same scope and permissions as the web-generated key, it hangs in a loop attempting to call b2_authorize_account:
bob@dev0:~# export DUPLICACY_B2_ID=<redacted>0041; export DUPLICACY_B2_KEY=<redacted>
bob@dev0:~# duplicacy -d -v init test1 b2://temp250908
Reading the environment variable DUPLICACY_B2_ID
Reading the environment variable DUPLICACY_B2_KEY
[0] URL request 'POST https://api.backblazeb2.com/b2api/v1/b2_authorize_account' returned 400 This request is not currently supported on API version number 1
[0] URL request 'POST https://api.backblazeb2.com/b2api/v1/b2_authorize_account' returned 400 This request is not currently supported on API version number 1
[0] URL request 'POST https://api.backblazeb2.com/b2api/v1/b2_authorize_account' returned 400 This request is not currently supported on API version number 1
...
Here's how I generated the b2 CLI key, and a key list showing that the two keys have (theoretically) identical perms:
bob@dev0:~# b2 key create --bucket "temp250908" "temp250908-cli" listBuckets,readBuckets,listFiles,readFiles,shareFiles,writeFiles,deleteFiles,readBucketEncryption,writeBucketEncryption,readBucketLogging,writeBucketLogging,readBucketReplications,writeBucketReplications,readBucketNotifications,writeBucketNotifications
<redacted>0041 <redacted>
bob@dev0:~# b2 key list -l
<redacted>0034 temp250908-website temp250908 - - '' listBuckets,readBuckets,listFiles,readFiles,shareFiles,writeFiles,deleteFiles,readBucketEncryption,writeBucketEncryption,readBucketLogging,writeBucketLogging,readBucketReplications,writeBucketReplications,readBucketNotifications,writeBucketNotifications
<redacted>0041 temp250908-cli temp250908 - - '' listBuckets,readBuckets,listFiles,readFiles,shareFiles,writeFiles,deleteFiles,readBucketEncryption,writeBucketEncryption,readBucketLogging,writeBucketLogging,readBucketReplications,writeBucketReplications,readBucketNotifications,writeBucketNotifications
I asked BackBlaze support several times what is the difference between these two keys, but did not receive a meaningful response. I was told to use Rclone instead. 🤣
It should be noted that Duplicacy is using b2 API version 1, while the current recommended version is 4.
Support of CLI-generated keys is desirable as they provide the option to omit the deleteFiles permission. While the bucket's Lifecycle setting is "Keep all versions", a key lacking that permission supports Duplicacy init/backup/restore/prune operations, but cannot be misused by an adversary to hard-delete existing files.
Both keys work as expected when Duplicacy accesses BackBlaze as S3 storage, e.g. s3://dummy_region@s3.us-west-001.backblazeb2.com/temp250908.
Tested with Duplicacy 3.2.5 on Linux.
Running
duplicacy initwith a BackBlaze website-generated API key works as expected:However, when I try to use an API key generated with the b2 CLI tool having the same scope and permissions as the web-generated key, it hangs in a loop attempting to call b2_authorize_account:
Here's how I generated the b2 CLI key, and a key list showing that the two keys have (theoretically) identical perms:
I asked BackBlaze support several times what is the difference between these two keys, but did not receive a meaningful response. I was told to use Rclone instead. 🤣
It should be noted that Duplicacy is using b2 API version 1, while the current recommended version is 4.
Support of CLI-generated keys is desirable as they provide the option to omit the
deleteFilespermission. While the bucket's Lifecycle setting is "Keep all versions", a key lacking that permission supports Duplicacy init/backup/restore/prune operations, but cannot be misused by an adversary to hard-delete existing files.Both keys work as expected when Duplicacy accesses BackBlaze as S3 storage, e.g.
s3://dummy_region@s3.us-west-001.backblazeb2.com/temp250908.Tested with Duplicacy 3.2.5 on Linux.