[pbs-devel] [PATCH proxmox-backup 0/7] add, persist and check key fingerprint
Fabian Grünbichler
f.gruenbichler at proxmox.com
Mon Nov 23 09:16:32 CET 2020
On November 23, 2020 8:55 am, Dietmar Maurer wrote:
>> should we switch it altogether, or just truncate it on display? IMHO for
>> Qemu I'd like to keep the full digest/fingerprint, since there a
>> skipped collision means corrupt backups, not running into the next
>> error and bailing out..
>
> Just noticed that is a different use case, where we need to be exact. To be
> 100% sure, we would even need to compare the key raw data. But yes, we want
> to avoid keeping the old key in memory).
>
> But we already have code there to do it correctly, so why do you thing
> an 8byte fingerprint affects that at all?
>
> see proxmox-backup-qemu commit 5a82749a29821bae756bb8c25dc459a3c08301d1
>
I did that change ;) I meant that we can switch that over to just use
the fingerprint() function in CryptConfig, but obviously not if that
returns some collision-prone, shortened version..
More information about the pbs-devel
mailing list