Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: cgdconfig -e and a couple of small improvements

Alexander Nasonov wrote:
> # cgdconfig -eC
> /dev/wd0f's passphrase (echo):123456

This is now in the tree. I took out _SC_PASS_MAX from the patch before
committing because _SC_PASS_MAX has been removed from POSIX.

> Java-based console on one of my servers is so bad I can't enter
> a passphrase correctly unless it echoed.

The new option is also useful for changing a passphrase (cgdconfig -G).
It is a very scary operation because cgdconfig doesn't verify your
old passphrase and it doesn't ask you to re-enter your new passphrase.

Echoing both old and new passphases gives you greater piece of mind.

# cgdconfig -Ge /etc/cgd/backup-sd0d
old file's passphrase (echo):123
new file's passphrase (echo):345
cgdconfig: keygen pkcs5_pbkdf2/sha1 does not need a `key'
algorithm aes-cbc;
iv-method encblkno1;
keylength 256;
verify_method disklabel;
keylength 256;
verify_method disklabel;
keygen pkcs5_pbkdf2/sha1 {
        iterations [REDACTED];
        salt [REDACTED];
keygen storedkey key [REDACTED];


Home | Main Index | Thread Index | Old Index