Return-Path: X-Original-To: distix@pieni.net Delivered-To: distix@pieni.net Received: from yaffle.pepperfish.net (yaffle.pepperfish.net [88.99.213.221]) by pieni.net (Postfix) with ESMTPS id B258E44F02 for ; Mon, 3 Jul 2017 05:05:53 +0000 (UTC) Received: from platypus.pepperfish.net (unknown [10.112.101.20]) by yaffle.pepperfish.net (Postfix) with ESMTP id 6DD4041C94; Mon, 3 Jul 2017 06:05:53 +0100 (BST) Received: from ip6-localhost.nat ([::1] helo=platypus.pepperfish.net) by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) id 1dRtYX-0005gP-Dd; Mon, 03 Jul 2017 06:05:53 +0100 Received: from [10.112.101.21] (helo=inmail2.pepperfish.net) by platypus.pepperfish.net with esmtps (Exim 4.80 #2 (Debian)) id 1dRtYV-0005gB-RN for ; Mon, 03 Jul 2017 06:05:51 +0100 Received: from koom.pieni.net ([88.99.190.206] helo=pieni.net) by inmail2.pepperfish.net with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1dRtYT-0003yB-9M for obnam-dev@obnam.org; Mon, 03 Jul 2017 06:05:51 +0100 Received: from exolobe3.liw.fi (82-181-57-241.bb.dnainternet.fi [82.181.57.241]) by pieni.net (Postfix) with ESMTPSA id 9CB7F415C2; Mon, 3 Jul 2017 05:05:42 +0000 (UTC) Received: from liw.fi (localhost [127.0.0.1]) by exolobe3.liw.fi (Postfix) with ESMTPS id 872001200D0; Mon, 3 Jul 2017 08:05:41 +0300 (EEST) Date: Mon, 3 Jul 2017 08:05:40 +0300 From: Lars Wirzenius To: Wladimir Palant Message-ID: <20170703050540.p5co243yxedvsaca@liw.fi> References: <2d0a8c01-9f58-1ee7-7e20-53fe65d96718@palant.de> MIME-Version: 1.0 In-Reply-To: <2d0a8c01-9f58-1ee7-7e20-53fe65d96718@palant.de> User-Agent: NeoMutt/20170113 (1.7.2) X-Pepperfish-Transaction: 17ce-3045-f19b-6deb X-Spam-Score: -3.4 X-Spam-Score-int: -33 X-Spam-Bar: --- X-Scanned-By: pepperfish.net, Mon, 03 Jul 2017 06:05:51 +0100 X-Spam-Report: Content analysis details: (-3.4 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.5 PPF_USER_AGENT User-Agent: exists -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam tool) -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] X-ACL-Warn: message may be spam X-Scan-Signature: ead9a2b6d4436a72c03b49bb9387508d Cc: obnam-dev@obnam.org Subject: Re: [rfc] Passphrase-based encryption X-BeenThere: obnam-dev@obnam.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Obnam development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1394484192573658266==" Mime-version: 1.0 Sender: obnam-dev-bounces@obnam.org Errors-To: obnam-dev-bounces@obnam.org --===============1394484192573658266== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="7qbtxbyxqzy7vbbt" Content-Disposition: inline --7qbtxbyxqzy7vbbt Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 03, 2017 at 12:14:44AM +0200, Wladimir Palant wrote: > Hi, >=20 > with GPG being great and all that, I'd still prefer having the option to = use > a plain passphrase and AES encryption with obnam. IMHO, this approach has > two advantages: >=20 > * Considerably simpler setup, you merely need to come up with a high-entr= opy > passphrase. > * Much easier to back up - you don't need to worry about losing the > passphrase due to a hard drive crash. If you are afraid of forgetting it, > then writing it down and keeping somewhere safe will do. If you want this, you should write a plugin that adds symmetric encryption in addition to the PGP based on that Obnam currently provides. You should probably do it by only encrypting the symmetric encryption key that PGP encrypts. This would allow PGP and symmetric to be used on the same repo by different clients. I am afraid, however, that I am unlikely to accept the plugin into Obnam proper, since I don't think it makes things better. It's true that it will probably be easier to set up, but at the cost of more difficult key management. Backing up small files such as PGP keys is so easy I don't agree with that part of your argument. It's a matter of a few kilobytes. You could put the key into a QR code and print it on paper. Also, environment variables can be read by other processes, just like command line arguments can be. See /proc/*/environ. The environ files are only readable by the owner, but it's still not a way to pass secrets, in my opinion. Defense in depth, and all that. > * The current encryption plugin will use /dev/random rather than > /dev/urandom by default. Since 1.20 (October 2010) the default is /dev/urandom. --=20 I want to build worthwhile things that might last. --joeyh --7qbtxbyxqzy7vbbt Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEETNTnrewG6wEE1EJ3bC+mFux6IDEFAllZ0KMACgkQbC+mFux6 IDFF9hAArBHn3l/cnizZqcmvzAzZUoqGcORXRhgJP2nzFIqF+cVRduWDwaYpOheF UqBDUF2emxdBKmDwTg/ydptWFgC5o5rO4xo1DVTMT23HZZHEYdKCtUhH+QTUUJyO EUKuOpP9CAUXGOBmhnP1FeLC6Q0BaUprQVZaPWX5ULFy5n7cav/piRChQJ0bheq7 6E32te9lIJsQNtnrjwlevdNt7u14WpzCPRi/Mwl7LoNuYdtZY+ubGIhNSlfJQp3N ERUU4oAFM9iaRlXIf24vbziGFEa01pCOSqpxO0nvKk/OjIvn8Nc++5wcgDqE5ouP A1RnMlE/mdPR/Gh8FtVrHOxk5Icx5aA3ApwzY9Br6XXf39XhsYD5lSxeGOWAOQhP VvtD/flXBeL9pRimMHMDaxLHmkv2JfpB9EhmSmO1G5N/Yz/e1O9Qej+sv8M85y7Y dONaiQsS2fEAMky9kn+01UR2xXSrhxeXBbT6mavbd1F7CR/GXiU/pe4CsURj7z8K vNS9UwdsGLICgpi59TTd7J/UxieBkn8XYq904X1Zt7Zl7QE7gdk/dDTg9AzikRTy tmcBVQ7xDeP7EeOlRJ7aFZcj3LbwoY4kfsvV7oJocd5xdiCF/HruUKxfoHtmigQv OUHw/Xlvi075ekz2o2Woc52+Pvv0Z8NPAWpgNaj2guf+q1wZ2SE= =nx+l -----END PGP SIGNATURE----- --7qbtxbyxqzy7vbbt-- --===============1394484192573658266== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ obnam-dev mailing list obnam-dev@obnam.org http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org --===============1394484192573658266==--