From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox-backup 0/7] add, persist and check key fingerprint
Date: Tue, 17 Nov 2020 18:57:18 +0100 [thread overview]
Message-ID: <20201117175725.3634238-1-f.gruenbichler@proxmox.com> (raw)
next improvements/follow-ups in this area:
- return fingerprint via SnapshotListItem, display somehow in GUI
(pending list_snapshot refactor which is waiting for review)
- filter snapshot list by fingerprint and/or crypt mode (for GUI, client, PVE)?
- display in PVE (storage key fingerprint in storage config view,
manifest fingerprint via new attribute mechanism once its returned by
list_snapshot?)
- postinst to fixup PVE generated keys via change-passphrase
- switch libproxmox-backup-qemu to just call crypt_config.fingerprint()
longer term ideas:
- some sort of keyring? multiple keys in a single keyfile to allow
rotation?
Fabian Grünbichler (7):
crypt config: add fingerprint mechanism
key: add fingerprint to key config
client: print key fingerprint and master key
client: add 'key show' command
fix #3139: add key fingerprint to manifest
manifest: check fingerprint when loading with key
client: check fingerprint after downloading manifest
src/backup/crypt_config.rs | 17 +++++-
src/backup/key_derivation.rs | 23 ++++++--
src/backup/manifest.rs | 33 ++++++++++++
src/bin/proxmox-backup-client.rs | 14 +++--
src/bin/proxmox_backup_client/benchmark.rs | 2 +-
src/bin/proxmox_backup_client/catalog.rs | 6 ++-
src/bin/proxmox_backup_client/key.rs | 63 ++++++++++++++++++++--
src/bin/proxmox_backup_client/mount.rs | 7 ++-
src/tools/format.rs | 58 ++++++++++++++++++++
9 files changed, 208 insertions(+), 15 deletions(-)
--
2.20.1
next reply other threads:[~2020-11-17 17:58 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-17 17:57 Fabian Grünbichler [this message]
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 1/7] crypt config: add fingerprint mechanism Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 2/7] key: add fingerprint to key config Fabian Grünbichler
2020-11-18 8:48 ` Wolfgang Bumiller
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 3/7] client: print key fingerprint and master key Fabian Grünbichler
2020-11-17 18:38 ` Thomas Lamprecht
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 4/7] client: add 'key show' command Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 5/7] add key fingerprint to manifest Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 6/7] fix #3139: manifest: check fingerprint when loading with key Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 7/7] client: check fingerprint after downloading manifest Fabian Grünbichler
2020-11-18 5:27 ` [pbs-devel] [PATCH proxmox-backup 0/7] add, persist and check key fingerprint Dietmar Maurer
2020-11-18 5:47 ` Dietmar Maurer
2020-11-18 6:47 ` Thomas Lamprecht
2020-11-18 8:27 ` Fabian Grünbichler
2020-11-18 8:54 ` Dietmar Maurer
2020-11-23 7:55 ` Dietmar Maurer
2020-11-23 8:16 ` Fabian Grünbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201117175725.3634238-1-f.gruenbichler@proxmox.com \
--to=f.gruenbichler@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal