You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
On my server, I would like to have a PEFS directory protected by both a user password and another secret owned by the server itself.
So here is what I did : echo userpassword | pefs add chain -j - -k /my/server/secret -Z -f /private.enc/
However, here you wrote : PEFS key may be split into several components by using -k option, but note that -k assumes that input file is already a key, thus skipping pbkfd2 transform performed for passwords.
So I think I should do : echo userpassword | pefs add chain -j - -j /my/server/secret -Z -f /private.enc/
Sounds like it works, however my question is, can we use -j (and -J) several times ?
Is it a supported use case ?
Perhaps you could clarify this into the man page ?
Gleb, thank you very much !
Ben
The text was updated successfully, but these errors were encountered:
PASSPROMPT is the password entered by user on console.
Some of the KEYFILE*, PASSFILE* and PASSPROMPT may be optional depending on the command line options.
In other words:
Processing password sources (raw password material) with PBKDF2 produces another raw key material source.
Multiple raw key material sources are used as input for hash function to produce the actual key.
Hello,
On my server, I would like to have a PEFS directory protected by both a user password and another secret owned by the server itself.
So here is what I did :
echo userpassword | pefs add chain -j - -k /my/server/secret -Z -f /private.enc/
However, here you wrote :
PEFS key may be split into several components by using -k option, but note that -k assumes that input file is already a key, thus skipping pbkfd2 transform performed for passwords.
So I think I should do :
echo userpassword | pefs add chain -j - -j /my/server/secret -Z -f /private.enc/
Sounds like it works, however my question is, can we use -j (and -J) several times ?
Is it a supported use case ?
Perhaps you could clarify this into the man page ?
Gleb, thank you very much !
Ben
The text was updated successfully, but these errors were encountered: