all lists on lists.proxmox.com
 help / color / mirror / Atom feed
* [pbs-devel] [PATCH proxmox-backup 0/7] add, persist and check key fingerprint
@ 2020-11-17 17:57 Fabian Grünbichler
  2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 1/7] crypt config: add fingerprint mechanism Fabian Grünbichler
                   ` (7 more replies)
  0 siblings, 8 replies; 17+ messages in thread
From: Fabian Grünbichler @ 2020-11-17 17:57 UTC (permalink / raw)
  To: pbs-devel

next improvements/follow-ups in this area:
- return fingerprint via SnapshotListItem, display somehow in GUI
  (pending list_snapshot refactor which is waiting for review)
- filter snapshot list by fingerprint and/or crypt mode (for GUI, client, PVE)?
- display in PVE (storage key fingerprint in storage config view,
  manifest fingerprint via new attribute mechanism once its returned by
  list_snapshot?)
- postinst to fixup PVE generated keys via change-passphrase
- switch libproxmox-backup-qemu to just call crypt_config.fingerprint()

longer term ideas:
- some sort of keyring? multiple keys in a single keyfile to allow
  rotation?

Fabian Grünbichler (7):
  crypt config: add fingerprint mechanism
  key: add fingerprint to key config
  client: print key fingerprint and master key
  client: add 'key show' command
  fix #3139: add key fingerprint to manifest
  manifest: check fingerprint when loading with key
  client: check fingerprint after downloading manifest

 src/backup/crypt_config.rs                 | 17 +++++-
 src/backup/key_derivation.rs               | 23 ++++++--
 src/backup/manifest.rs                     | 33 ++++++++++++
 src/bin/proxmox-backup-client.rs           | 14 +++--
 src/bin/proxmox_backup_client/benchmark.rs |  2 +-
 src/bin/proxmox_backup_client/catalog.rs   |  6 ++-
 src/bin/proxmox_backup_client/key.rs       | 63 ++++++++++++++++++++--
 src/bin/proxmox_backup_client/mount.rs     |  7 ++-
 src/tools/format.rs                        | 58 ++++++++++++++++++++
 9 files changed, 208 insertions(+), 15 deletions(-)

-- 
2.20.1





^ permalink raw reply	[flat|nested] 17+ messages in thread

end of thread, other threads:[~2020-11-23  8:17 UTC | newest]

Thread overview: 17+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-17 17:57 [pbs-devel] [PATCH proxmox-backup 0/7] add, persist and check key fingerprint Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 1/7] crypt config: add fingerprint mechanism Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 2/7] key: add fingerprint to key config Fabian Grünbichler
2020-11-18  8:48   ` Wolfgang Bumiller
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 3/7] client: print key fingerprint and master key Fabian Grünbichler
2020-11-17 18:38   ` Thomas Lamprecht
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 4/7] client: add 'key show' command Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 5/7] add key fingerprint to manifest Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 6/7] fix #3139: manifest: check fingerprint when loading with key Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 7/7] client: check fingerprint after downloading manifest Fabian Grünbichler
2020-11-18  5:27 ` [pbs-devel] [PATCH proxmox-backup 0/7] add, persist and check key fingerprint Dietmar Maurer
2020-11-18  5:47   ` Dietmar Maurer
2020-11-18  6:47     ` Thomas Lamprecht
2020-11-18  8:27       ` Fabian Grünbichler
2020-11-18  8:54         ` Dietmar Maurer
2020-11-23  7:55         ` Dietmar Maurer
2020-11-23  8:16           ` Fabian Grünbichler

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal