Changing a password doesn't make any sense for seciurity #766
Comments
KonoromiHimaries
changed the title
KonoromiHimaries
changed the title
|
It's not a bug see https://github.com/rfjakob/gocryptfs/blob/master/Documentation/MANPAGE.md#-passwd . With the old |
|
@jumoog new changes in files after changing a password should be protected. |
|
You only change the password. The master key is still the same as before. And only the master key is used for encryption and decryption. |
|
This is always the case if you use e.g. LUKS to encrypt your hard disk:
Now you can also use the old password. |
|
Maybe create a sub-key for the new password and use it at replace master-key for new changes in files is good solution. |
|
I agree that it's somewhat stupid, but as mentiones, basically all disk
encryption works like this.
I will at least add a warning into the man page.
The use case for changing the password is to change it to something very
strong *before* you upload it somewhere.
…On Tue, 18 Jul 2023, 13:02 Mtq, ***@***.***> wrote:
Maybe create sub-key for the new password and use it at replace master-key
for new changes in files.
—
Reply to this email directly, view it on GitHub
<#766 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AACGA767MWWMFAU5PZHA3NDXQZUMPANCNFSM6AAAAAA2MATM24>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
if i copy gocryptfs.diriv and gocryptfs.conf
next create a single file with random text inside and paste it to mount folder
next unmount and change a password with
-passwdoptionnext mount and change a text inside this file
next unmount and copy back gocryptfs.diriv and gocryptfs.conf that were copied before
then mount and i have new text inside this file with old password
The text was updated successfully, but these errors were encountered: