On attempting to restore the backup on my ubuntu laptop, kept getting the error “Fatal: wrong password or no key found” even though the RESTIC_PASSWORD environment variable was being attempted to be set to the same password string using the ‘export’ command on my bash script. Also, passing in the password manually on the command line was leading to the same error, but running restore on the windows machine was working fine. Found with further troubleshooting, that trying to enter the password on the powershell command line was too causing the same error. Putting the password into a file and using RESTIC_PASSWORD_FILE too didn’t help!
Solution:
I am not sure why special characters were being truncated when env variable was set in the windows machine using the ‘set’ command on the batch script(Google search didn’t help here). I had a “%8” and a “^” in the password string that was being truncated. Therefore, the actual password of the remote repository didn’t have these characters in the password!
Took me a wasted day to figure this out. Hope it helps someone.
Even though this is not a bug in Restic, it would help if the password could be passed into Restic using a config file to avoid this special-char-truncation problem when setting environment variables.
Well, it wouldn’t work as the actual repo password didn’t have the “%8” and “^” chars in the password when initiated, as these had been truncated from the password exported to the environment variable. So, the password in the password file was incorrect even though it was the same string as that exported as env variable.
@doscott That’s right. For some reason in the repo init script, the env variables couldn’t be set on win 2008 server when using quotes, but worked when I removed the quotes. That is what led to the problem. I’m sure it was an error in the script. Learnt a lesson not to use unquoted strings when setting env vars.
How you find which characters are truncated? I have the similar weird behaviour. On the windows system when I init the repository, I can pass the password to the cli just fine using CTR-V (I copied the value of the password from password manager). However it does not work when I paste using shift+insert, it does not work in other machine too (whether it is Windows or Linux).
You will need to provide more information before someone can assist you.
Are you providing the password when running restic or via the environment? Can you run the snapshots command on the same computer that you used to init the repository by pasting the password the same way? What version of restic are you using, what backend? What OSes and versions?
Can you provide copy and paste of your terminal sessions so we can see exactly what you are doing.
I’m having trouble with restic passwords. Here’s what’s happening:
The Problem:
I created a repo on Windows 11 (restic 0.16.4) using restic init -r D:\Restic and pasted the password with Ctrl+V.
restic snapshots works fine when I use Ctrl+V for the password on this machine.
BUT, Shift+Insert to paste the password doesn’t work, and neither does using environment variables or --password-file.
I copied the repo to Google Drive and tried accessing it from another Windows 11 machine and an Ubuntu 22.04 machine (restic 0.17.3).
None of the password entry methods work on these machines: Ctrl+V, Shift+Insert, environment variables, or --password-file. I always get the “wrong password or no key found” error.
My Suspicion:
It seems like restic might be misinterpreting or truncating the password during the init command. This would explain why Ctrl+V works on the original machine (maybe it’s somehow bypassing the issue) but nothing else works anywhere.
Has anyone else experienced this? Any ideas on what might be going wrong or how to fix it?
I have this issue, i’m moving an external drive from one winbox to another and when I tryo to just list keys or check repo, after entering the correct password (by typing it and copy paste), it gives me that error. Need to find a way for the restic instance on that new machine to read the paremeters on the repo.
But then running a backup creates a failure on password:
restic -r $RESTIC_REPOSITORY -p $RESTIC_PASSWORD backup /etc
Resolving password failed: Fatal: mypassword does not exist
The first issue is obviously that restic is unable to use the password, even though it’s just given it back to me, the second is that it’s now put my password into my terminal history, which I have to purge.
Just to check:
echo $RESTIC_PASSWORD
mypassword
It all checks out. If the password is correct and terminal can see the EV and expand it correctly, why isn’t restic able to use it?
I’ve also, as per other similar threads, tried putting the password into quotation marks and also double curly braces. Nothing seems to work.
Is difficult to give advice with only descriptions of your actions.
One possibility is that your passwords contain shell meta characters that are being interpreted by the shell if provided on command line or in environment variables and not being passed to restic.
Id recommend using the same method to provide passwords right from the init of repo and put it in a file that has restricted permissions.
This way it will always work running interactively from the shell and also in automation.
So use the RESTIC_PASSWORD_FILE environment variable.
When using the appropriate environment variables (which look correct in your example), just leave away the corresponding parameters -r and -p and it should work fine.