[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Invalidate tarsnap key?



Should have also alluded to... if you believe an untrusted source has a copy of your key then you should also disconnect the account from a credit card or quit paying on it so any data under that account expires and is wiped from the system at tarsnap given expiration. If you have other machines connected to that account then you should just regenerate keys for them and proceed onwards!

-- 

J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.






> On Mar 17, 2022, at 10:39, J. Hellenthal <jhellenthal@dataix.net> wrote:
> 
> Just nuke the key. Whatever way you have locally to permanently destroy all existing data should be plenty enough.
> 
> -- 
> 
> J. Hellenthal
> 
> The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.
> 
> 
> 
> 
> 
> 
>> On Mar 17, 2022, at 10:17, Arthur Chance <freebsd@qeng-ho.org> wrote:
>> 
>> Is it possible to invalidate an existing tarsnap key so it cannot be
>> used in future. I have a key for a decommissioned machine so it's no
>> longer needed and hypothetically it could be used for DoS attack (by
>> creating bogus archives and draining the account funds). Obviously this
>> is impossible unless the key leaks somehow, but operational paranoia
>> would suggest invalidating it would be a good idea.
>> 
>> -- 
>> All network cabling aspires to the condition of macramé.
>