Problem
Authsome currently treats the local filesystem master key (~/.authsome/master.key) as the default master key source. That makes the least secure storage option the primary path.
Proposed behavior
Change master key resolution so Authsome prefers stronger/external sources first:
- Use AUTHSOME_MASTER_KEY from the environment when it exists.
- Otherwise, check the OS keyring for an existing master key.
- Fall back to the local filesystem master key only when neither environment nor keyring is available.
CLI impact
Update authsome init to initialize/configure the same precedence and make clear which master key source will be used.
Acceptance criteria
- Master key resolution follows env -> keyring -> filesystem fallback.
- Existing local master.key users continue to work as fallback.
- authsome init creates/verifies the configured master key source using the same logic.
- whoami/health output reflects the effective or configured encryption source clearly.
- Tests cover env, keyring, and filesystem fallback behavior.
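A sketch of the proposed env -> keyring -> filesystem resolution, added here as an illustration and not taken from Authsome's code. The function names, the source labels, the injected `keyring_get` callable, the base64 encoding, the 32-byte key length, and the choice to fail on a malformed key rather than fall through to a weaker source are all assumptions.

```python
import base64
import os
import stat
from pathlib import Path
from typing import Callable, Mapping, Optional, Tuple

ENV_VAR = "AUTHSOME_MASTER_KEY"   # name from the issue
KEY_LEN = 32                      # assumption: 32-byte key, base64-encoded


def decode_key(raw: str, source: str) -> bytes:
    """Decode and length-check a key; malformed keys raise instead of falling through."""
    try:
        key = base64.b64decode(raw.strip(), validate=True)
    except ValueError as exc:  # binascii.Error subclasses ValueError
        raise ValueError(f"{source}: master key is not valid base64") from exc
    if len(key) != KEY_LEN:
        raise ValueError(f"{source}: expected {KEY_LEN} bytes, got {len(key)}")
    return key


def resolve_master_key(
    env: Mapping[str, str],
    keyring_get: Optional[Callable[[], Optional[str]]],
    key_file: Path,
) -> Tuple[str, bytes]:
    """Return (source, key) following env -> keyring -> filesystem."""
    raw = env.get(ENV_VAR)
    if raw:
        return "env", decode_key(raw, "env")
    if keyring_get is not None:
        try:
            raw = keyring_get()
        except Exception:
            raw = None  # keyring backend unavailable: continue to the fallback
        if raw:
            return "keyring", decode_key(raw, "keyring")
    if key_file.is_file():
        mode = stat.S_IMODE(key_file.stat().st_mode)
        if os.name == "posix" and mode & 0o077:
            raise PermissionError(f"{key_file} is accessible by group/other ({oct(mode)})")
        return "filesystem", decode_key(key_file.read_text(), "filesystem")
    raise LookupError("no master key in environment, keyring, or filesystem")
```

The returned source label is the value that whoami/health output could report, and passing the keyring lookup in as a callable lets tests cover all three branches without a real keyring backend.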