[pbs-devel] [PATCH proxmox-backup 1/2] inform user when using default encryption key
Stoiko Ivanov
s.ivanov at proxmox.com
Wed Nov 11 16:33:21 CET 2020
Currently if you generate a default encryption key:
`proxmox-backup-client key create --kdf none`
all backup operations which don't explicitly disable encryption will be
encrypted with this key.
I found it quite surprising, that my backups were all encrypted without
me explicitly specfying neither key nor encryption mode
This patch informs the user when the default key is used (and no
crypt-mode is provided explicitly)
Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
src/bin/proxmox-backup-client.rs | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/bin/proxmox-backup-client.rs b/src/bin/proxmox-backup-client.rs
index 2d05f622..79031d72 100644
--- a/src/bin/proxmox-backup-client.rs
+++ b/src/bin/proxmox-backup-client.rs
@@ -817,7 +817,10 @@ fn keyfile_parameters(param: &Value) -> Result<(Option<Vec<u8>>, CryptMode), Err
Ok(match (keydata, crypt_mode) {
// no parameters:
(None, None) => match key::read_optional_default_encryption_key()? {
- Some(key) => (Some(key), CryptMode::Encrypt),
+ Some(key) => {
+ println!("Encrypting with default encryption key!");
+ (Some(key), CryptMode::Encrypt)
+ },
None => (None, CryptMode::None),
},
--
2.20.1
More information about the pbs-devel
mailing list