From: Wolfgang Bumiller
To: Proxmox Backup Server development discussion
Date: Wed, 2 Dec 2020 13:51:55 +0100 (CET)
Message-ID: <1961513443.536.1606913516008@webmail.proxmox.com>
In-Reply-To: <20201202123556.GE7591@gaia.proxmox.com>
References: <20201119145608.16866-1-w.bumiller@proxmox.com> <20201202105650.GA7591@gaia.proxmox.com> <4c361a22-5caa-db5e-66b9-046638048fd5@proxmox.com> <20201202123556.GE7591@gaia.proxmox.com>
Subject: Re: [pbs-devel] [RFC backup 0/6] Two factor authentication

> On 12/02/2020 1:35 PM Oguz Bektas wrote:
>
>
> On Wed, Dec 02, 2020 at 01:27:47PM +0100, Thomas Lamprecht wrote:
> > > 2. do not store recovery codes in cleartext (hash them instead, we thought
> > > hmac-sha256 is fine). the reason being that recovery codes can bypass
> > > other tfa methods so they shouldn't be visible
> >
> > makes sense, would expect them to be hashed

FWIW, TOTP secrets can't be hashed since they're supposed to be, well, a
shared secret.

> >
> > >
> > > 3. don't store all the tfa information in a single json file.
> > >
> >
> > makes no sense to me, any reason you mention below can happen to arbitrary
> > files, so just adds complexity while not gaining anything.

Complexity is the wrong argument. The question is mainly whether we prefer
lots of small files or one big file. For PBS it's not even that important.
It'll be more important when we add bindings for this to PVE, where the file
sizes are limited. With a file per user it's also easier for an admin to work
on the files directly. And if we want to add counters, limitations or e.g.
store the date & IP of the last time an entry was used, we won't be locking
one big file at login time. Not that I expect millions of concurrent logins to
be happening ;-)
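The storage rules discussed in this thread (recovery codes kept only as HMAC-SHA256 tags, the TOTP secret kept in the clear because both sides must compute the same HMAC from it, and one file per user) as an added example. This is illustration code written for this page, not PBS code, and it is in Python rather than PBS's Rust so that it runs with only the standard library. The server-side HMAC key, the JSON layout, the per-user file naming, the 40-bit recovery code format and the one-time consumption of a matched recovery code are all assumptions of the example.

```python
import base64
import hashlib
import hmac
import json
import os
import secrets
import stat
import struct
import tempfile

# Hypothetical server-side HMAC key (an assumption of this example); in a
# deployment it would be generated at install time into a root-only file.
SERVER_KEY = bytes.fromhex(
    "00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff"
)


def hash_recovery_code(code: str, key: bytes = SERVER_KEY) -> str:
    """Keyed hash (HMAC-SHA256) of a recovery code; only this tag is stored."""
    return hmac.new(key, code.encode("ascii"), hashlib.sha256).hexdigest()


def generate_recovery_codes(n: int = 10) -> list[str]:
    """Fresh one-time codes: 10 hex digits each, 40 bits from the CSPRNG."""
    return [secrets.token_hex(5) for _ in range(n)]


def new_user_entry(totp_secret: bytes, codes: list[str]) -> dict:
    """One user's TFA record (layout is an assumption of this example).
    Note the asymmetry: TOTP secret in the clear, recovery codes hashed."""
    return {
        "totp": {"secret_b32": base64.b32encode(totp_secret).decode("ascii")},
        "recovery": {"hashes": [hash_recovery_code(c) for c in codes]},
    }


def verify_recovery_code(entry: dict, candidate: str) -> bool:
    """Constant-time compare against every stored tag; a match is removed
    from the record so the same code cannot be replayed."""
    tag = hash_recovery_code(candidate)
    hashes = entry["recovery"]["hashes"]
    for i, stored in enumerate(hashes):
        if hmac.compare_digest(tag, stored):
            del hashes[i]
            return True
    return False


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1. The server needs the raw shared secret
    to compute this, which is why that secret cannot be stored hashed."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % 10 ** digits).zfill(digits)


def verify_totp(entry: dict, candidate: str, unix_time: int, window: int = 1) -> bool:
    """Accept the current time step and +/- `window` steps of clock skew."""
    secret = base64.b32decode(entry["totp"]["secret_b32"])
    return any(
        hmac.compare_digest(totp(secret, unix_time + 30 * k), candidate)
        for k in range(-window, window + 1)
    )


def write_user_entry(tfa_dir: str, user: str, entry: dict) -> str:
    """One file per user, created 0600 so only the daemon can read the TOTP
    secret. The path layout is an assumption; the user name is checked so it
    cannot escape tfa_dir."""
    if not user or "/" in user or user in (".", ".."):
        raise ValueError("invalid user name")
    path = os.path.join(tfa_dir, f"{user}.json")
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        json.dump(entry, f, indent=2)
    return path


def store_and_reload(user: str, entry: dict) -> tuple[dict, str, int]:
    """Round-trip one record through a temporary per-user file; returns the
    parsed record, the raw file text and the file's permission bits."""
    tfa_dir = tempfile.mkdtemp()
    path = write_user_entry(tfa_dir, user, entry)
    with open(path) as f:
        raw = f.read()
    return json.loads(raw), raw, stat.S_IMODE(os.stat(path).st_mode)
```

The `totp` function reproduces the RFC 6238 test vector (secret `12345678901234567890`, time 59 gives `94287082` at eight digits), and the raw file text written by `store_and_reload` never contains a recovery code in clear, only its HMAC-SHA256 tag.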