diff --git a/src/borg/crypto/key.py b/src/borg/crypto/key.py index 12fc9ee7f6..c3b44b4b41 100644 --- a/src/borg/crypto/key.py +++ b/src/borg/crypto/key.py @@ -371,6 +371,8 @@ def detect(cls, repository, manifest_data): passphrase = Passphrase.getpass(prompt) if key.load(target, passphrase): break + else: + Passphrase.display_debug_info(passphrase) else: raise PasswordRetriesExceeded else: diff --git a/src/borg/helpers/passphrase.py b/src/borg/helpers/passphrase.py index 14288e04c6..0c3973d5b3 100644 --- a/src/borg/helpers/passphrase.py +++ b/src/borg/helpers/passphrase.py @@ -118,6 +118,11 @@ def verification(cls, passphrase): print( "Your passphrase (UTF-8 encoding in hex): %s" % bin_to_hex(passphrase.encode("utf-8")), file=sys.stderr ) + print( + "It is recommended to keep the UTF-8 encoding in hex together with the passphrase at a safe place. " + "In case you should ever run into passphrase issues, it could sometimes help debugging them.\n", + file=sys.stderr, + ) try: passphrase.encode("ascii") except UnicodeEncodeError: @@ -129,12 +134,16 @@ def verification(cls, passphrase): @staticmethod def display_debug_info(passphrase): - print( - "Incorrect passphrase (UTF-8 encoding in hex): %s" % bin_to_hex(passphrase.encode("utf-8")), file=sys.stderr - ) + print("Incorrect passphrase!", file=sys.stderr) + print(f'Passphrase used (between double-quotes): "{passphrase}"', file=sys.stderr) + print(f'Same, UTF-8 encoded, in hex: {bin_to_hex(passphrase.encode("utf-8"))}', file=sys.stderr) + print("Relevant Environment Variables:", file=sys.stderr) for env_var in ["BORG_PASSPHRASE", "BORG_PASSCOMMAND", "BORG_PASSPHRASE_FD"]: env_var_value = os.environ.get(env_var) - print(f"{env_var} = {env_var_value}", file=sys.stderr) + if env_var_value is not None: + print(f'{env_var} = "{env_var_value}"', file=sys.stderr) + else: + print(f"# {env_var} is not set", file=sys.stderr) @classmethod def new(cls, allow_empty=False): diff --git a/src/borg/testsuite/helpers_test.py b/src/borg/testsuite/helpers_test.py index 1191bcaa91..d50e7ae521 100644 --- a/src/borg/testsuite/helpers_test.py +++ b/src/borg/testsuite/helpers_test.py @@ -1417,11 +1417,12 @@ def test_passphrase_wrong(self, capsys, monkeypatch): raise PassphraseWrong("wrong_passphrase") out, err = capsys.readouterr() - assert "Incorrect passphrase (UTF-8 encoding in hex)" in err + assert "Incorrect passphrase!" in err + assert 'Passphrase used (between double-quotes): "wrong_passphrase"' in err assert "77726f6e675f70617373706872617365" in err - assert "BORG_PASSPHRASE = wrong_passphrase" in err - assert "BORG_PASSCOMMAND = echo wrong_passphrase" in err - assert "BORG_PASSPHRASE_FD = 123" in err + assert "BORG_PASSPHRASE" in err + assert "BORG_PASSCOMMAND" in err + assert "BORG_PASSPHRASE_FD" in err assert str(exc_info.value) == ( "passphrase supplied in BORG_PASSPHRASE, by BORG_PASSCOMMAND or via BORG_PASSPHRASE_FD is incorrect." @@ -1457,11 +1458,12 @@ def test_display_debug_info(self, capsys, monkeypatch): Passphrase.display_debug_info(passphrase) out, err = capsys.readouterr() - assert "Incorrect passphrase (UTF-8 encoding in hex)" in err + assert "Incorrect passphrase!" in err + assert 'Passphrase used (between double-quotes): "debug_test"' in err assert "64656275675f74657374" in err # UTF-8 hex encoding of 'debug_test' - assert "BORG_PASSPHRASE = debug_env_passphrase" in err - assert "BORG_PASSCOMMAND = command" in err - assert "BORG_PASSPHRASE_FD = fd_value" in err + assert "BORG_PASSPHRASE" in err + assert "BORG_PASSCOMMAND" in err + assert "BORG_PASSPHRASE_FD" in err @pytest.mark.parametrize(