I have configured tklbam and use local storage for my backups (as described here). It is not clear to me if I need to store the keys everytime I do a backup. I use:
tklbam-escrow -P /local/storage/key
Do I need to do this everytime I execute the following? Or is doing it once enough for all backups on that machine?
tklbam-backup --address file:///local/storage/backup
In fact, it is not exceptionally clear to me what the escrow key is. Honestly, I would prefer to store my backups uncrypted (i.e. using the --no-encryption option with duplicity) because I don't need an extra layer of security on our local file server (where the backups are stored). As far as I know, there is no way to have tklbam send this parameter to duplicity. Is that correct?