Re: cgd questions

To: Thomas Klausner <wiz%NetBSD.org@localhost>
Subject: Re: cgd questions
From: Greg Troxel <gdt%lexort.com@localhost>
Date: Tue, 03 Oct 2023 15:53:33 -0400

Thomas Klausner <wiz%NetBSD.org@localhost> writes:

> IIUC the cgdconfig man page correctly, this is how you do that:
>
>      To create a new parameters file that will generate the same key as an old
>      parameters file:
>
>              # cgdconfig -G -o newparamsfile oldparamsfile
>              old file's passphrase:
>              new file's passphrase:

I think what that does is encrypt the old key using the new passphrase,
and store that encrypted key in the config file.  Thus you haven't
changed the key, but you have a config file that allows decryption with
a new passphrase.  That's good to give a second person access, but it
doesn't revoke the first passphrase's access, if I understood correctly.

References:
- cgd questions
  - From: Thomas Klausner
- Re: cgd questions
  - From: Greg Troxel
- Re: cgd questions
  - From: Thomas Klausner

Prev by Date: Re: urndis and tethering on a Google Pixel 6 phone (or not)
Next by Date: daily CVS update output
Previous by Thread: Re: cgd questions
Next by Thread: Re: cgd questions
Indexes:

Home | Main Index | Thread Index | Old Index