From: Wolfgang Bumiller <w.bumiller@proxmox.com>
To: Proxmox Backup Server development discussion
<pbs-devel@lists.proxmox.com>
Subject: Re: [pbs-devel] [RFC backup 0/6] Two factor authentication
Date: Wed, 2 Dec 2020 13:51:55 +0100 (CET) [thread overview]
Message-ID: <1961513443.536.1606913516008@webmail.proxmox.com> (raw)
In-Reply-To: <20201202123556.GE7591@gaia.proxmox.com>
> On 12/02/2020 1:35 PM Oguz Bektas <o.bektas@proxmox.com> wrote:
>
>
> On Wed, Dec 02, 2020 at 01:27:47PM +0100, Thomas Lamprecht wrote:
> > > 2. do not store recovery codes in cleartext (hash them instead, we thought
> > > hmac-sha256 is fine). the reason being that recovery codes can bypass
> > > other tfa methods so they shouldn't be visible
> >
> > make sense, would expect them to be hashed
FWIW TOTP secrets can't be hashes since they're supposed to be,
well, a shared secret
> > >
> > > 3. don't store all the tfa information in a single json file.
> > >
> >
> > makes no sense to me, any reason you mention below can happen to arbitrary
> > files, so just adds complexity while not gaining anything.
Complexity is the wrong argument. The question is mainly whether we prefer
lots of small or one big file. For PBS it's not even that important. It'll
be more important when we add bindings for this to PVE where the file sizes
are limited.
With a file per user it's also easier for an admin to work on the files
directly. And if we want to add counters, limitations or eg. store date & ip
of the last time an entry was used, we won't be locking one big file at login
time. Not that I expect millions of concurrent logins to be happening ;-)
next prev parent reply other threads:[~2020-12-02 12:51 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-19 14:56 Wolfgang Bumiller
2020-11-19 14:56 ` [pbs-devel] [RFC backup 1/6] add tools::serde_filter submodule Wolfgang Bumiller
2020-11-19 14:56 ` [pbs-devel] [RFC backup 2/6] config: add tfa configuration Wolfgang Bumiller
2020-11-19 14:56 ` [pbs-devel] [RFC backup 3/6] api: tfa management and login Wolfgang Bumiller
2020-11-19 14:56 ` [pbs-devel] [RFC backup 4/6] depend on libjs-qrcodejs Wolfgang Bumiller
2020-11-19 14:56 ` [pbs-devel] [RFC backup 5/6] proxy: expose qrcodejs Wolfgang Bumiller
2020-11-19 14:56 ` [pbs-devel] [RFC backup 6/6] gui: tfa support Wolfgang Bumiller
2020-11-24 9:42 ` Wolfgang Bumiller
2020-11-24 9:51 ` Thomas Lamprecht
2020-12-02 10:56 ` [pbs-devel] [RFC backup 0/6] Two factor authentication Oguz Bektas
2020-12-02 12:27 ` Thomas Lamprecht
2020-12-02 12:34 ` Thomas Lamprecht
2020-12-02 12:48 ` Oguz Bektas
2020-12-02 12:59 ` Wolfgang Bumiller
2020-12-02 13:08 ` Oguz Bektas
2020-12-02 12:35 ` Oguz Bektas
2020-12-02 12:51 ` Wolfgang Bumiller [this message]
2020-12-02 13:15 ` Thomas Lamprecht
2020-12-02 13:07 ` Thomas Lamprecht
2020-12-02 13:35 ` Oguz Bektas
2020-12-02 14:05 ` Thomas Lamprecht
2020-12-02 14:21 ` Oguz Bektas
2020-12-02 14:29 ` Wolfgang Bumiller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1961513443.536.1606913516008@webmail.proxmox.com \
--to=w.bumiller@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox