[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

tarsnap-keymgmt --outkeyfile foot bullet

To: tarsnap-users@tarsnap.com
Subject: tarsnap-keymgmt --outkeyfile foot bullet
From: Daniel Franke <dfoxfranke@gmail.com>
Date: Sat, 29 Dec 2012 23:41:44 -0500

The following is how NOT to add a passphrase to your tarsnap key:

$ tarsnap --outkeyfile key.new --passphrased key
$ mv key.new key

...thereby overwriting your key with a worthless one containing no
permissions.

Fortunately, I was doubly stupid and merely overwrote the inode rather
than securely wiping the unencrypted key. These stupidities cancelled
each other out, and I managed to recover my key by grepping my partition
for "# START OF TARSNAP KEY FILE".

Colin, please consider this anecdote to be a feature request: if none of
the -r/-w/-x/--nuke arguments are supplied to tarsnap-keymgmt, then
output a key containing all the permissions of the input key rather than
none of them.  Alternatively, at least warn the user that he's doing
something stupid.

Follow-Ups:
- Re: tarsnap-keymgmt --outkeyfile foot bullet
  - From: Daniel Franke <dfoxfranke@gmail.com>
- Re: tarsnap-keymgmt --outkeyfile foot bullet
  - From: Daniel Parks <tarsnap@masterwebdev.com>

Prev by Date: Re: Mail upon successful backup
Next by Date: Re: tarsnap-keymgmt --outkeyfile foot bullet
Previous by thread: Mail upon successful backup
Next by thread: Re: tarsnap-keymgmt --outkeyfile foot bullet
Index(es):
- Date
- Thread