y'all are reinventing a TPM. Quoth sirjofri via 9fans <[email protected]>: > 30.12.2025 19:22:13 Dworkin Muller <[email protected]>: > > Alternatively, just set it up as a secret store, like is done with > > terminals. Not quite as elegant/cool, but perhaps more practical. > > In general, you're right. However the big difference (and why I think there's > a solid use case for a factotum key) is that the machine that runs factotum > has to be secure. If you have a terminal with its own factotum program, > that's fine. The program is on a trusted machine. However, if your terminal > boots off a fs, you have to trust the factotum program on that fs to not > steal your keys when executed. If you run factotum in a remote session, you > have to trust the server. If you have a single enclosed factotum key and no > way for the host to download the secrets directly, then you can use it even > on an untrusted machine. > > Sure, you still need a way to edit the keys. Maybe a specific mount access > using an additional secret for editing or something similar could be invented. > > In any case, I think for a fully trusted environment you probably don't need > a factotum key. I think the whole factotum and secstore stuff is built around > this level of trust (you trust the grid). If you consider a public grid with > multiple users and people who sign in as guests, I'd prefer to not have my > secrets uploaded into the memory of a machine that I can't control myself, if > possible. And people do set up grids like that. That's why I welcome > experiments into that direction. Not to replace the current status quo, but > to extend it in a compatible way for different use cases. > > sirjofri
------------------------------------------ 9fans: 9fans Permalink: https://9fans.topicbox.com/groups/9fans/Ta60752663ff08448-Mfe30e767d437cfac9dbc3483 Delivery options: https://9fans.topicbox.com/groups/9fans/subscription
