On 8/3/11 1:46 PM, Stephen Gallagher wrote: > Well, there exist central storage approaches that don't allow even the > local admin access to the data. The trade-off of course is that they > can't reinstate your access if you forget the password. In other > words, you can set a password that is used as a symmetric key for > encrypting your data in the central store. It's still central and can > be retrieved from anywhere, but only you know how to read it.
You still seem to be missing the relevance of unscrupulous administrators and compromised systems to "man in the middle" any interactions you have with this system. Unless you never access the data yourself once the unscrupulous admin or attacker has gained access, then such a person can pretty easily intercept your password and get at your data. Ian
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users