* [pve-devel] [PATCH docs] pbs storage: consistently talk about the storage key
@ 2020-11-26 8:20 Fabian Ebner
2020-11-26 9:44 ` [pve-devel] applied: " Fabian Grünbichler
0 siblings, 1 reply; 2+ messages in thread
From: Fabian Ebner @ 2020-11-26 8:20 UTC (permalink / raw)
To: pve-devel
instead of master key.
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
---
Sorry, I missed this yesterday.
pve-storage-pbs.adoc | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/pve-storage-pbs.adoc b/pve-storage-pbs.adoc
index a382082..c22f5b3 100644
--- a/pve-storage-pbs.adoc
+++ b/pve-storage-pbs.adoc
@@ -101,19 +101,19 @@ a key on that system. If the system then becomes inaccessible for any reason
and needs to be restored, this will not be possible as the encryption key will be
lost along with the broken system.
-It is recommended that you keep your keys safe, but easily accessible, in
+It is recommended that you keep your key safe, but easily accessible, in
order for quick disaster recovery. For this reason, the best place to store it
is in your password manager, where it is immediately recoverable. As a backup to
this, you should also save the key to a USB drive and store that in a secure
place. This way, it is detached from any system, but is still easy to recover
from, in case of emergency. Finally, in preparation for the worst case scenario,
-you should also consider keeping a paper copy of your master key locked away in
-a safe place. The `paperkey` subcommand can be used to create a QR encoded
-version of your master key. The following command sends the output of the
-`paperkey` command to a text file, for easy printing.
+you should also consider keeping a paper copy of your key locked away in a safe
+place. The `paperkey` subcommand can be used to create a QR encoded version of
+your key. The following command sends the output of the `paperkey` command to
+a text file, for easy printing.
----
-# proxmox-backup-client key paperkey --output-format text > qrkey.txt
+# proxmox-backup-client key paperkey /etc/pve/priv/storage/<STORAGE-ID>.enc --output-format text > qrkey.txt
----
Because the encryption is managed on the client side, you can use the same
--
2.20.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [pve-devel] applied: [PATCH docs] pbs storage: consistently talk about the storage key
2020-11-26 8:20 [pve-devel] [PATCH docs] pbs storage: consistently talk about the storage key Fabian Ebner
@ 2020-11-26 9:44 ` Fabian Grünbichler
0 siblings, 0 replies; 2+ messages in thread
From: Fabian Grünbichler @ 2020-11-26 9:44 UTC (permalink / raw)
To: Proxmox VE development discussion
with followup in pve-manager for the same issue:
diff --git a/www/manager6/storage/PBSEdit.js b/www/manager6/storage/PBSEdit.js
index 81edb2a0..e7585de0 100644
--- a/www/manager6/storage/PBSEdit.js
+++ b/www/manager6/storage/PBSEdit.js
@@ -40,7 +40,7 @@ Ext.define('PVE.Storage.PBSKeyShow', {
},
{
xtype: 'component',
- html: gettext('Keep your master key safe, but easily accessible for disaster recovery.')
+ html: gettext('Keep your encryption key safe, but easily accessible for disaster recovery.')
+ '<br>' + gettext('We recommend the following safe-keeping strategy:'),
},
{
On November 26, 2020 9:20 am, Fabian Ebner wrote:
> instead of master key.
>
> Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
> ---
>
> Sorry, I missed this yesterday.
>
> pve-storage-pbs.adoc | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/pve-storage-pbs.adoc b/pve-storage-pbs.adoc
> index a382082..c22f5b3 100644
> --- a/pve-storage-pbs.adoc
> +++ b/pve-storage-pbs.adoc
> @@ -101,19 +101,19 @@ a key on that system. If the system then becomes inaccessible for any reason
> and needs to be restored, this will not be possible as the encryption key will be
> lost along with the broken system.
>
> -It is recommended that you keep your keys safe, but easily accessible, in
> +It is recommended that you keep your key safe, but easily accessible, in
> order for quick disaster recovery. For this reason, the best place to store it
> is in your password manager, where it is immediately recoverable. As a backup to
> this, you should also save the key to a USB drive and store that in a secure
> place. This way, it is detached from any system, but is still easy to recover
> from, in case of emergency. Finally, in preparation for the worst case scenario,
> -you should also consider keeping a paper copy of your master key locked away in
> -a safe place. The `paperkey` subcommand can be used to create a QR encoded
> -version of your master key. The following command sends the output of the
> -`paperkey` command to a text file, for easy printing.
> +you should also consider keeping a paper copy of your key locked away in a safe
> +place. The `paperkey` subcommand can be used to create a QR encoded version of
> +your key. The following command sends the output of the `paperkey` command to
> +a text file, for easy printing.
>
> ----
> -# proxmox-backup-client key paperkey --output-format text > qrkey.txt
> +# proxmox-backup-client key paperkey /etc/pve/priv/storage/<STORAGE-ID>.enc --output-format text > qrkey.txt
> ----
>
> Because the encryption is managed on the client side, you can use the same
> --
> 2.20.1
>
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
>
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-11-26 9:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-26 8:20 [pve-devel] [PATCH docs] pbs storage: consistently talk about the storage key Fabian Ebner
2020-11-26 9:44 ` [pve-devel] applied: " Fabian Grünbichler
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox