public inbox for pbs-devel@lists.proxmox.com
 help / color / mirror / Atom feed
* [pbs-devel] [PATCH proxmox-backup 0/7] add, persist and check key fingerprint
@ 2020-11-17 17:57 Fabian Grünbichler
  2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 1/7] crypt config: add fingerprint mechanism Fabian Grünbichler
                   ` (7 more replies)
  0 siblings, 8 replies; 17+ messages in thread
From: Fabian Grünbichler @ 2020-11-17 17:57 UTC (permalink / raw)
  To: pbs-devel

next improvements/follow-ups in this area:
- return fingerprint via SnapshotListItem, display somehow in GUI
  (pending list_snapshot refactor which is waiting for review)
- filter snapshot list by fingerprint and/or crypt mode (for GUI, client, PVE)?
- display in PVE (storage key fingerprint in storage config view,
  manifest fingerprint via new attribute mechanism once its returned by
  list_snapshot?)
- postinst to fixup PVE generated keys via change-passphrase
- switch libproxmox-backup-qemu to just call crypt_config.fingerprint()

longer term ideas:
- some sort of keyring? multiple keys in a single keyfile to allow
  rotation?

Fabian Grünbichler (7):
  crypt config: add fingerprint mechanism
  key: add fingerprint to key config
  client: print key fingerprint and master key
  client: add 'key show' command
  fix #3139: add key fingerprint to manifest
  manifest: check fingerprint when loading with key
  client: check fingerprint after downloading manifest

 src/backup/crypt_config.rs                 | 17 +++++-
 src/backup/key_derivation.rs               | 23 ++++++--
 src/backup/manifest.rs                     | 33 ++++++++++++
 src/bin/proxmox-backup-client.rs           | 14 +++--
 src/bin/proxmox_backup_client/benchmark.rs |  2 +-
 src/bin/proxmox_backup_client/catalog.rs   |  6 ++-
 src/bin/proxmox_backup_client/key.rs       | 63 ++++++++++++++++++++--
 src/bin/proxmox_backup_client/mount.rs     |  7 ++-
 src/tools/format.rs                        | 58 ++++++++++++++++++++
 9 files changed, 208 insertions(+), 15 deletions(-)

-- 
2.20.1





^ permalink raw reply	[flat|nested] 17+ messages in thread

end of thread, other threads:[~2020-11-23  8:17 UTC | newest]

Thread overview: 17+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-17 17:57 [pbs-devel] [PATCH proxmox-backup 0/7] add, persist and check key fingerprint Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 1/7] crypt config: add fingerprint mechanism Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 2/7] key: add fingerprint to key config Fabian Grünbichler
2020-11-18  8:48   ` Wolfgang Bumiller
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 3/7] client: print key fingerprint and master key Fabian Grünbichler
2020-11-17 18:38   ` Thomas Lamprecht
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 4/7] client: add 'key show' command Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 5/7] add key fingerprint to manifest Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 6/7] fix #3139: manifest: check fingerprint when loading with key Fabian Grünbichler
2020-11-17 17:57 ` [pbs-devel] [PATCH proxmox-backup 7/7] client: check fingerprint after downloading manifest Fabian Grünbichler
2020-11-18  5:27 ` [pbs-devel] [PATCH proxmox-backup 0/7] add, persist and check key fingerprint Dietmar Maurer
2020-11-18  5:47   ` Dietmar Maurer
2020-11-18  6:47     ` Thomas Lamprecht
2020-11-18  8:27       ` Fabian Grünbichler
2020-11-18  8:54         ` Dietmar Maurer
2020-11-23  7:55         ` Dietmar Maurer
2020-11-23  8:16           ` Fabian Grünbichler

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal