[pbs-devel] [PATCH proxmox-backup 0/7] add, persist and check key fingerprint
Fabian Grünbichler
f.gruenbichler at proxmox.com
Tue Nov 17 18:57:18 CET 2020
next improvements/follow-ups in this area:
- return fingerprint via SnapshotListItem, display somehow in GUI
(pending list_snapshot refactor which is waiting for review)
- filter snapshot list by fingerprint and/or crypt mode (for GUI, client, PVE)?
- display in PVE (storage key fingerprint in storage config view,
manifest fingerprint via new attribute mechanism once its returned by
list_snapshot?)
- postinst to fixup PVE generated keys via change-passphrase
- switch libproxmox-backup-qemu to just call crypt_config.fingerprint()
longer term ideas:
- some sort of keyring? multiple keys in a single keyfile to allow
rotation?
Fabian Grünbichler (7):
crypt config: add fingerprint mechanism
key: add fingerprint to key config
client: print key fingerprint and master key
client: add 'key show' command
fix #3139: add key fingerprint to manifest
manifest: check fingerprint when loading with key
client: check fingerprint after downloading manifest
src/backup/crypt_config.rs | 17 +++++-
src/backup/key_derivation.rs | 23 ++++++--
src/backup/manifest.rs | 33 ++++++++++++
src/bin/proxmox-backup-client.rs | 14 +++--
src/bin/proxmox_backup_client/benchmark.rs | 2 +-
src/bin/proxmox_backup_client/catalog.rs | 6 ++-
src/bin/proxmox_backup_client/key.rs | 63 ++++++++++++++++++++--
src/bin/proxmox_backup_client/mount.rs | 7 ++-
src/tools/format.rs | 58 ++++++++++++++++++++
9 files changed, 208 insertions(+), 15 deletions(-)
--
2.20.1
More information about the pbs-devel
mailing list