[pbs-devel] [RFC proxmox-backup] add "password hint" to KeyConfig

Fabian Grünbichler f.gruenbichler at proxmox.com
Wed Jan 20 19:20:12 CET 2021


> Dietmar Maurer <dietmar at proxmox.com> hat am 20.01.2021 17:59 geschrieben:
> 
>  
> > does it make sense to split the "public" (misleading naming ;)) and 
> > private part in tape_encryption_keys.rs? it seems to me that we 
> > access/modify them together, so we might want to make it a single file 
> > to avoid running out of sync? i.e., EncryptionKeyInfo could just get the 
> > KeyConfig as field as well, and we store a list/map of those..
> 
> I have done the split to protect the private part (only accessible by root).
> The public part can be accessed (and even modified (change password) by user backup).

not sure whether that's appropriate - the KeyConfig part is just as well-protected as the user's password choice, so unless there is a reason why this *has* to be accessible by user backup I'd make it root only as well.. anything actually using the key needs to run as root anyhow, so the password change can as well..

there is no public (as in, I don't care who can access this) and private part. there is an unprotected and a semi-protected encoding of the same secret..





More information about the pbs-devel mailing list