######################################################
## gpg section
## (how to encrypt and optionnally sign the backups)
+##
+## WARNING: old (pre-0.9.2) example.dup used to give wrong information about
+## the way the following options are used. Please read ahead
+## carefully.
+##
+## If the encryptkey variable is set:
+## - data is encrypted with the GnuPG public key specified by the encryptkey
+## variable
+## - if signing is enabled, the password variable is used to unlock the GnuPG
+## private key used for signing; else, you do not need to set the password
+## variable
+## If the encryptkey option is not set:
+## - data signing is not possible
+## - the password variable is used to encrypt the data with symmetric
+## encryption: no GnuPG key pair is needed
[gpg]
-# passphrase needed to unlock the GnuPG key
-# NB: do not quote it, and it should not contain any quote
-password = a_very_complicated_passphrase
-
+# when set to yes, encryptkey variable must be set bellow; if you want to use
+# two different keys for encryption and signing, you must also set the signkey
+# variable bellow.
# default is no, for backward compatibility with backupninja <= 0.5.
-# when set to yes, encryptkey option must be set below.
sign = yes
-# key ID used for data encryption and, optionnally, signing.
-# if not set, local root's default gpg key is used.
+# ID of the GnuPG public key used for data encryption.
+# if not set, symmetric encryption is used, and data signing is not possible.
encryptkey = 04D9EA79
+# ID of the GnuPG private key used for data signing.
+# if not set, encryptkey will be used.
+#signkey = 04D9EA79
+
+# password
+# NB: do not quote it, and it should not contain any quote
+password = a_very_complicated_passphrase
+
######################################################
## source section
## (where the files to be backed up are coming from)