Am Sonntag, 27. November 2011, 23:11:01 schrieb Valentin Rusu: > Hello, > > As per blueck demand on the IRC, please find below a plain text page > suitable for addition to the KWallet handbook, about the KDE Secret Sync > tool. > Hope my english is not too bad. Do not hesitate to adjust it if it's not > very intelligible/readable :-) > > *************** Begin ************* > > KDE Secret Sync tool aims to help synchronize secrets, such as passwords > and login-in account information, between several devices running KDE. > It comes as a feature of the new KSecretsService infrastructure. For > more information about this infrastructure, please check > http://techbase.kde.org/Projects/Utils/ksecretsservice and also the > project information page > https://projects.kde.org/projects/kde/kdeutils/ksecrets. This tool is > currently under development. > > KDE Secret Sync uses cryptograpy to securely exchange the secrets > between the devices. As such, it can be used over unsecure connections, > such as the internet. > > The operation is quite simple and it can follow one of the two scenarios: > - synchronize using a centralized resource, > - peer-to-peer synchronization. > > *Using a centralized resource* > This operating mode requires full access to an IMAP server. The KDE > Secret Sync tool creates an encrypted resource under the folder of your > choice then it updates it each time a local secret collection changes, > as notified by the KSecretsService infrastructure. This occurs each time > an application updates it's secret information. KDE Secret Sync tool > periodically checks this central resource for modifications and when > updates are found, then they are pushed to the corresponding local > collection. > > This case requires permanent connection to an IMAP server. The KDE > Secret Sync tool will hold sync operations during network outages. The > security level of this kind of operation depends of the security of the > IMAP server and the encrypting algorithm used to created the centralized > resource. On the other hand, storing the secrets on that centralized > resources can also be viewed as a backup. > > *Peer-to-peer synchronization* > This operation mode does not require access to a centralized IMAP > server. A list of known computers is used instead. KDE Secret Sync will > initiate secret exchange sessions with each of it's known computers over > a SSH tunnel. The local secret changes are propagated to the other known > computers as soon as they are detected. > > This case require a network connection between known devices. The KDE > Secret Sync tool will hold sync operations with the devices that are not > available due to network outages. A naming service should be used for > devices that change IP address with each connection. > > *************** End *************
Some questions: "Enable auto synchronization" is disabled by default and this has to be checked/enabled first, right? The General page has a Listening port, the "Known computers" list as well. What is the relation between the Listening port and the computers ports? * centralized resource/IMAP server Name (resolvable) or IP and Port of IMAP server has to be added to "Known computers" list? Can I use any Port number? What application/daemon is required to run on the IMAP server? * Peer-to-peer synchronization All peers have to be added to the "Known computers" list, all have to use the same port number? What application/daemon is required to run on the peers? auto synchronization has to be enabled on all involved peers? -- Burkhard L?ck
