[pbs-devel] [RFC backup 0/6] Two factor authentication

Thomas Lamprecht t.lamprecht at proxmox.com
Wed Dec 2 13:34:25 CET 2020


On 02.12.20 13:27, Thomas Lamprecht wrote:
> - file could get leaked in a backup etc., giving everyone's tfa secrets
> and/or recovery keys to attackers (bypass everything)

for the record, that does *not* "bypass everything", it's a *second* factor
after all. Further, if recovery keys are hashed they do not leak information.
For others it varies, but I do not like that sort of blanket statement without
implying any reasonable vector at all, we and most Unix systems have such
information in one place, /etc/shadow, our shadow in /etc/pve/ and consorts,
it needs clear documentation about what files are sensible (you should send a
patch for that) but that's it.
(and as said, splitting it up will not avoid leaking all of them in a backup vs. just
one of them).





