Allow loading alternative encryption keys

netinvent / npbackup

A secure and efficient file backup solution that fits both system administrators (CLI) and end users (GUI)

GNU General Public License v3.0

164 stars 5 forks source link

Allow loading alternative encryption keys #56

Closed deajan closed 4 months ago

deajan commented 5 months ago

So we're pretty close to a v3 release. Would be nice to have a --key-location to load the AES key from a separate file instead of using the baked in one. Another way would be a --key-command which is supposed to give the AES key when run. None of these options could be encrypted by said AES key, but only obfuscated locally.

This needs to be discussed in SECURITY.md file too.

deajan commented 5 months ago

--key-location looks like a bad idea. Let's use env variables NPBACKUP_KEY_LOCATION and NPBACKUP_KEY_COMMAND instead

deajan commented 4 months ago

We also should include a --create-key [path] utility to make key creation easier.