[pbs-devel] applied: [PATCH proxmox-backup v7] fix #3854 paperkey import to proxmox-tape
Markus Frank
m.frank at proxmox.com
Thu Apr 7 11:42:45 CEST 2022
Thanks, nothing is missing and everything should work similar to before.
Commands I tested (valid):
proxmox-tape key restore --key '{...}'
proxmox-tape key restore --key-file paperkey.json
proxmox-tape key restore --key-file paperkey.backup # with markers
proxmox-tape key restore --drive drive1
Error:
proxmox-tape key restore --key-file paperkey.json --key '{"kdf": {...'
proxmox-tape key restore --drive drive1 --key '{"kdf": {...'
proxmox-tape key restore --drive drive1 --key-file test123
proxmox-tape key restore --drive drive1 --key-file test123 \
--key '{"kdf": {...'
On 4/6/22 16:35, Thomas Lamprecht wrote:
> On 24.03.22 12:49, Markus Frank wrote:
>> added a parameter to the cli for importing tape key via a json-parameter or
>> via reading a exported paperkey-file or json-file.
>> For this i also added a backupkey parameter to the api, but here it only
>> accepts json.
>>
>> The cli interprets the parameter first as json-string, then json-file
>> and last as paperkey-file.
>>
>> functionality:
>> proxmox-tape key paperkey [fingerprint of existing key] > paperkey.backup
>> proxmox-tape key restore --backupkey paperkey.backup # key from line above
>> proxmox-tape key restore --backupkey paperkey.json # only the json
>> proxmox-tape key restore --backupkey '{"kdf": {"Scrypt": ...' # json as string
>>
>> for importing the key as paperkey-file it is irrelevant, if the paperkey got exported as html
>> or txt.
>>
>> Signed-off-by: Markus Frank <m.frank at proxmox.com>
>> ---
>
>> src/api2/tape/drive.rs | 65 +++++++++++++++++++-------
>> src/bin/proxmox_tape/encryption_key.rs | 59 +++++++++++++++++++++--
>> 2 files changed, 102 insertions(+), 22 deletions(-)
>>
>>
>
> applied, thanks! While this was OK code-wise I made a not so small followup commit
> for some semantic changes, mostly it was for splitting CLI behavior for key-string
> vs. key-file again. Would appreciate if you also re-take a look to ensure I did
> not botched something in progress.
More information about the pbs-devel
mailing list