Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Option to suppress masterkey printing. #76

Closed
brimston3 opened this issue Feb 6, 2017 · 8 comments
Closed

Option to suppress masterkey printing. #76

brimston3 opened this issue Feb 6, 2017 · 8 comments
Milestone
v1.6maybe

Comments

@brimston3
Copy link

The terminal on a remote system does not need to know the master key every time, especially if the user has already stored it.

Currently, the masterkey will not print if logging to a file, so to work around the missing flag, I currently do the following:
gocryptfs .gocrypt-store gocrypt |tee /dev/null

Please add a mount option or short flag to suppress the master key output, or perhaps change the default behavior to only print the master key on init.

gocryptfs v1.2-35-g0f40afc; go-fuse 0ad840c; 2017-02-06 go1.7.4
@rfjakob
Copy link
Owner

rfjakob commented Feb 6, 2017

Do you know "-q" ?

@brimston3
Copy link
Author

I didn't; rtfm failure. I like the other info messages, but -q works for this issue. It still concerns me that the default is to print the master key each time--users might not be careful about where they unlock their mounts, but I can accept if this is the design direction you want to stick with.

@rfjakob
Copy link
Owner

rfjakob commented Feb 6, 2017
edited
Loading

The concern that the master key may end up in too many terminal buffers is certainly valid, especially if the user has already saved it somewhere. I think I'll add "Use -q to suppress this message." to the printout to make "-q" more discoverable.

PS: I'm amazed you discovered that the master key is not printed when writing to a pipe :)

@xaionaro
Copy link
Contributor

xaionaro commented Jun 9, 2018

I think that the idea of printing the master key (when the user didn't ask for that) is a very bad idea. It shouldn't be suppressed by an option, it should be not printed without a special option.

@rfjakob rfjakob added this to the v1.6maybe milestone Jun 10, 2018
@rfjakob rfjakob reopened this Jun 10, 2018
rfjakob added a commit that referenced this issue Jun 26, 2018
@rfjakob
Only print masterkey once on -init
a072636 
It is no longer printed at all when mounting a filesystem,
printing on -init can be disabled with -q.

#76
rfjakob added a commit that referenced this issue Jul 1, 2018
@rfjakob
Only print masterkey once on -init
6d64dfe 
It is no longer printed at all when mounting a filesystem,
printing on -init can be disabled with -q.

#76
@rfjakob
Copy link
Owner

rfjakob commented Aug 11, 2018
edited
Loading

Fixed by 6d64dfe . Master key is now only printed on init.

@rfjakob rfjakob closed this as completed Aug 11, 2018
@newhoa
Copy link

newhoa commented Mar 3, 2020

Some of the documentation (the git README.md, and the home page), still says "keep a copy of your master key (printed on mount) in a safe place."

Is there a command option to print out your master key?

If you use a gui like SiriKali to create a volume, you will not see the master key on init. I may be overlooking it but now I do not see a way to print out the master key after init. Thanks.

@rfjakob
Copy link
Owner

rfjakob commented Mar 3, 2020

It's not in gocryptfs itself but in gocryptfs-xray, option -dumpmasterkey ( https://github.com/rfjakob/gocryptfs/blob/master/Documentation/MANPAGE-XRAY.md )

I will fix the docs, thanks for the notice

@newhoa
Copy link

newhoa commented Mar 4, 2020

Oh great, I did not know about gocryptfs-xray. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.6maybe
Development

No branches or pull requests
4 participants
@rfjakob @newhoa @xaionaro @brimston3