Notes
This commit is contained in:
Bob Mottram
parent
818282650c
commit
d128a5f762
|
|
@ -8,8 +8,16 @@
|
|||
#
|
||||
# Freedom in the Cloud
|
||||
#
|
||||
# Simple multi-user password store using symmetric encryption
|
||||
# and the backup gpg key
|
||||
# It's useful to be able to store user passwords, but not a good
|
||||
# idea to do that in plain text. This implements a simple password
|
||||
# store. It gpg symmetric encrypts passwords using the backups
|
||||
# private key as the passphrase.
|
||||
#
|
||||
# In order for an adversary to obtain the passwords they must have
|
||||
# the backups GPG key, which is not obtainable from local or remote
|
||||
# backups and can only happen if they get root access to the system
|
||||
# (in which case it's game over anyhow) or if they can decrypt
|
||||
# a master keydrive or obtain sufficient keydrive fragments.
|
||||
#
|
||||
# License
|
||||
# =======
|
||||
|
|
@ -103,6 +111,8 @@ do
|
|||
done
|
||||
|
||||
get_backup_key_id
|
||||
|
||||
# Use the backups private key as a symmetric passphrase
|
||||
MASTER_PASSWORD=$(gpg -q --armor --export-secret-key $MY_BACKUP_KEY_ID)
|
||||
|
||||
if [ ! $CURR_USERNAME ]; then
|
||||
|
|
|
|||
Loading…
Reference in New Issue