[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Tarsnap feature request: storing encrypted keys
On Sep 25, 2012, at 4:07 AM, Colin Percival <cperciva@tarsnap.com> wrote:
>> and tarsnap keys are kind of long (~5kB). So here's a feature
>> request: let me upload a possibly encrypted key file to tarsnap.com so
>> I can re-download it if necessary, presumably using only my account
>> password to authenticate.
>
> This is something I've wondered about doing for a while; I'd prefer that
> people not use such a feature, but I can certainly imagine it making life
> easier for some people.
[…]
> This is certainly something which I could add (and as I mentioned above
> have thought about before). I'd be interested in hearing from anyone else
> on the list who would like to see this functionality.
So, what we end up doing is having our collection of keys stored on a shared encrypted loopback volume with a long decryption passphrase. Something of that sort is essential since if things go boom there are folks other than myself that may need, at any hour of the night or day, to be able to access our backups. I presume that is a common case with tarsnap users.
However, I do like having that out of band with tarsnap's storage itself. I'd prefer a tool that could do the above, but e.g. with options to push the key collection to a user controlled sftp / dropbox / s3 / etc. volume.
-Scott
--
Scott Wheeler | Co-founder | Directed Edge | www.directededge.com | @directededge