[tahoe-dev] usage of key file or smart card?

Kevin Reid kpreid at mac.com
Thu Nov 19 20:58:27 UTC 2009


On Nov 19, 2009, at 15:06, Stefan Xenon wrote:

> Is it possible to use a key file or a smart card instead of a pass
> phrase to encrypt the storage in Tahoe? If so, are there any resources
> describing the usage?


Tahoe does not use any passphrase or single key. The encryption key  
used is either derived from the file contents (immutable files) or is  
a public/private key pair generated just for that file (mutable files/ 
directories).

The valuable secrets in Tahoe are the caps, which are generally either  
stored as URLs (in your choice of location), or in the tahoe aliases  
file <tahoe-dir>/private/aliases, which you can of course store on any  
secure media you like.

There is also the convergence secret private/convergence which, if you  
use one, you probably want to keep safe as well, but is not really a  
key or passphrase.

-- 
Kevin Reid                                  <http://switchb.org/kpreid/>







More information about the tahoe-dev mailing list