Implement password management function #20
Comments
You can't change the encryption key on a folder with I think we should go the ecryptfs route here, and store a secondary salt and key in a folder that's decrypted by the first salt and user password. Then if you want to change the password or salt you can just re-encrypt the secondary salt and key into a folder encrypted with the new password/salt and flip the folders and hey presto you've got password management without having to re-encrypt all the user's data.
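The wrapping scheme sketched in the comment above, as an added example in Python that is not part of this project's code (the project itself is a C PAM module reusing ext4 encryption). The inner "secondary salt and key" are generated once and never change; only the wrapper around them is re-encrypted when the login password changes, which is exactly what a chauthtok hook would do. The cipher is a stand-in: PBKDF2-HMAC-SHA256 derives a key-encryption key, the payload is XORed with an HMAC-SHA256 counter keystream, and an HMAC tag over salt, nonce and ciphertext is checked before decryption. In production replace that with AES-GCM or RFC 3394 AES key wrap; the function names, lengths and iteration count are assumptions, not anything the project defines.

```python
"""Password change without re-encrypting user data, via key wrapping.

Stand-in cipher (assumption): PBKDF2-HMAC-SHA256 -> key-encryption key (KEK);
payload XOR HMAC-SHA256 counter keystream; HMAC-SHA256 tag (encrypt-then-MAC).
Swap in AES-GCM or RFC 3394 key wrap from a real crypto library for real use.
"""
import hashlib
import hmac
import os

KDF_ITERATIONS = 100_000   # assumption: tune to the target machine
SALT_LEN = 16              # salt for the password KDF, stored in the clear in the wrapper
NONCE_LEN = 16
TAG_LEN = 32
INNER_SALT_LEN = 16        # the "secondary salt" kept inside the wrapper
FILE_KEY_LEN = 32          # the "secondary key" actually used for the user's files


def derive_kek(password: bytes, salt: bytes) -> bytes:
    """Key-encryption key from the login password and the wrapper's salt."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, KDF_ITERATIONS, dklen=32)


def _keystream(kek: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; stands in for a real stream/AEAD cipher."""
    blocks = []
    counter = 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(kek, b"enc" + nonce + counter.to_bytes(4, "big"),
                               hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def wrap(password: bytes, payload: bytes) -> bytes:
    """Encrypt-then-MAC `payload` under a KEK derived from `password`.

    Layout: salt || nonce || ciphertext || tag. A fresh salt and nonce are
    drawn on every call, so re-wrapping also rotates the KDF salt.
    """
    salt = os.urandom(SALT_LEN)
    nonce = os.urandom(NONCE_LEN)
    kek = derive_kek(password, salt)
    ct = bytes(p ^ k for p, k in zip(payload, _keystream(kek, nonce, len(payload))))
    tag = hmac.new(kek, b"mac" + salt + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag


def unwrap(password: bytes, blob: bytes) -> bytes:
    """Inverse of wrap(); raises ValueError on a wrong password or tampering."""
    if len(blob) < SALT_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("wrapper too short")
    salt = blob[:SALT_LEN]
    nonce = blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    ct = blob[SALT_LEN + NONCE_LEN:-TAG_LEN]
    tag = blob[-TAG_LEN:]
    kek = derive_kek(password, salt)
    expected = hmac.new(kek, b"mac" + salt + nonce + ct, hashlib.sha256).digest()
    # Verify in constant time before decrypting, so a wrong password
    # yields nothing but "rejected".
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong password or corrupted wrapper")
    return bytes(c ^ k for c, k in zip(ct, _keystream(kek, nonce, len(ct))))


def create_user_wrapper(password: bytes) -> bytes:
    """First login: generate the inner salt and file key and wrap them once."""
    inner = os.urandom(INNER_SALT_LEN) + os.urandom(FILE_KEY_LEN)
    return wrap(password, inner)


def file_key(password: bytes, blob: bytes) -> tuple:
    """What the session-open hook needs: (inner_salt, file_key)."""
    inner = unwrap(password, blob)
    return inner[:INNER_SALT_LEN], inner[INNER_SALT_LEN:]


def change_password(old_password: bytes, new_password: bytes, blob: bytes) -> bytes:
    """The chauthtok step: re-wrap the unchanged inner secret under the new
    password and a new salt. The caller writes the result to a new location
    and only then swaps it for the old wrapper ("flip the folders"), so a
    crash halfway leaves the old wrapper intact."""
    inner = unwrap(old_password, blob)
    return wrap(new_password, inner)
```

Because the inner secret is fixed-size, one wrapper blob holds both the secondary salt and the secondary key, which is the "fixed size salt/token" option raised later in the thread; the data encrypted under `file_key` is never touched by `change_password`.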
My idea works - I've changed both password and salt and the wrapping works. I just need to write the chauthtok hook and it's ready for a PR. You can see my progress on this branch
Nice. I'll have a closer look some time during the next week.
One thing keeps bugging me, though: does it make sense to have a directory as an encrypted container for passwords and salts? Wouldn't an encrypted file make more sense?
Yeah, but I'd need to encrypt both the wrapped token and the wrapped salt, so I'd need 2 files anyway (or a fixed-size salt/token). And I haven't looked into encryption (in C) much, so I figured I'd reuse the ext4 encryption that's already working.
We currently don't react to password changes performed by users. After a user changes his/her password, the files and directories previously encrypted are still encrypted with the old keys.
We should implement the corresponding PAM password management functions and document the issue for users.