Notes
This commit is contained in:
parent
818282650c
commit
d128a5f762
|
@ -8,8 +8,16 @@
|
||||||
#
|
#
|
||||||
# Freedom in the Cloud
|
# Freedom in the Cloud
|
||||||
#
|
#
|
||||||
# Simple multi-user password store using symmetric encryption
|
# It's useful to be able to store user passwords, but not a good
|
||||||
# and the backup gpg key
|
# idea to do that in plain text. This implements a simple password
|
||||||
|
# store. It gpg symmetric encrypts passwords using the backups
|
||||||
|
# private key as the passphrase.
|
||||||
|
#
|
||||||
|
# In order for an adversary to obtain the passwords they must have
|
||||||
|
# the backups GPG key, which is not obtainable from local or remote
|
||||||
|
# backups and can only happen if they get root access to the system
|
||||||
|
# (in which case it's game over anyhow) or if they can decrypt
|
||||||
|
# a master keydrive or obtain sufficient keydrive fragments.
|
||||||
#
|
#
|
||||||
# License
|
# License
|
||||||
# =======
|
# =======
|
||||||
|
@ -103,6 +111,8 @@ do
|
||||||
done
|
done
|
||||||
|
|
||||||
get_backup_key_id
|
get_backup_key_id
|
||||||
|
|
||||||
|
# Use the backups private key as a symmetric passphrase
|
||||||
MASTER_PASSWORD=$(gpg -q --armor --export-secret-key $MY_BACKUP_KEY_ID)
|
MASTER_PASSWORD=$(gpg -q --armor --export-secret-key $MY_BACKUP_KEY_ID)
|
||||||
|
|
||||||
if [ ! $CURR_USERNAME ]; then
|
if [ ! $CURR_USERNAME ]; then
|
||||||
|
|
Loading…
Reference in New Issue