Open pblajev opened 7 years ago
stripthis
commented
7 years ago @pblajev thanks for the suggestion. I'm not sure how would that "download all encrypted password" be different than say running a mysql_dump, can you elaborate on the format that you want?
pblajev
commented
7 years ago Hey Remy,
The same format what 'passbolt get' returns.
Encrypted password example:
-----BEGIN PGP MESSAGE----- Version: OpenPGP.js v2.3.7 Comment: http://openpgpjs.org wcBMA1ZMoydM6fX6AQf9Gbz2/dYg8ZrRcAO2oWahXYNmV4pjUBkU3vBbmK6d s/SfJfJUlXdNGF7zO/oTW9H6mXpBHpef+X0ixpgOEIa2p8Xkcws9eY6CvweG C+EW/N8I0f/C5vPG+11T7Dqfgd/TW9H6mXpBHpefM47fypvZMtjgbl7jhLtza3 Ci/ksm9CxPnEmw9T/TZG/VR/47FDSHZaQoPXKvPM2WxPLijDeonHp780blXL XOf7beu3koSdkV3/XDXGJAIpphUXZRfMzdRsTpvZ/XN3Ir/14i3RtXaD4E5/ NSUdBR7mZoWq3BWcGn80UhIDXi69z57iD9KZQjNuQBZ05LyYrzayj7YkPy/u N9JeAX1bi266kK3rEO6aGnzPFijL11vLpB+9kyzwuqAVGJSatwDEOCEauyKX YJqcc9TQuHURs7u+DPU3a6aazXlLItFylZHB+FzIglTIq0Lpg8JzpwB7PjAm 7S8ki11GuQ== =1LTP -----END PGP MESSAGE-----
With this supported information: Account: Passbolt account that can decrypt this message. Name: The Name column in 'passbolt find' Username: The Username column in 'passbolt find'
With access to the four items above (Account, Name, Username, Encrypted password), I can confidently create a file based backup that will provide a lot of flexibility designing access to it in case of an emergency.
I assume this information can be extracted from the database but you guys know the database best. A tool supported by the developers will guaranty it's functionality even when the database schema changes or whatnot.
I hope this makes the request more clear (and convincing :-) ).
Thanks,
-- Peter
On Tue, Sep 5, 2017 at 12:39 AM, Remy notifications@github.com wrote:
@pblajev https://github.com/pblajev thanks for the suggestion. I'm not sure how would that "download all encrypted password" be different than say running a mysql_dump, can you elaborate on the format that you want?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/passbolt/passbolt_cli/issues/4#issuecomment-327096837, or mute the thread https://github.com/notifications/unsubscribe-auth/ACEhwJTNFRllcHs4TzcR7FEDVq3XZXccks5sfPrNgaJpZM4PKxGm .
I can use passbolt cli to download my encrypted passwords.
It will be great if I can download all encrypted passwords stored on the system.
In case of a disaster I can fast and easy build a system with gnupg, copy the user keys, copy the encrypted passwords and tell users: login here -> run this command -> type your passphrase
In an emergency, most likely I won't have time to rebuild a full functioning passbolt system, with all it's dependencies, and restore everything from backups, just so I can gain access to the passwords that I need so I can deal with whatever problem I'm facing.
All passwords are emailed to users in encrypted format anyway so security should not be a big concern in this request.
Please consider adding this functionality. It will make rolling out a passbolt system in production way easier to defend and get an approval.
Thank you,
-- Peter