Isn’t GELI a GEOM-class? and those are for GEOMs, how are single files like pass uses them GEOMs? Do you want to create a zfs set for each password and then put GELI on top of that to encrypt it?
Niels > On 20. Nov 2017, at 19:58, Daniel Jensen <[email protected]> wrote: > > So it’s probably better to fork pass into zpass or something similar, since > it’ll be exclusively for ZFS datasets and can optionally use GELI instead of > GPG. > > Will give it some thought, but perhaps it wasn’t really a good idea for a > feature request after-all. > > For reference, here are some links that should work: > https://man.freebsd.org/geli(8) > https://man.freebsd.org/ggatel(8) > >> On 20 Nov 2017, at 19.51, Kenny Evitt <[email protected]> wrote: >> >> (Don't forget to 'reply all' to keep the thread on the list.) >> >> Those links don't work for me. But I was able to get at least a sense of >> what `geli` and `ggatel` are based on some cursory review of Google search >> results for those terms. Basically, FreeBSD can encrypt arbitrary >> filesystems. >> >> I can't think of what support Pass could have that would be relevant to >> these features. What specifically do you want to do with Pass and these >> features that you can't currently? >> >> First, being only available on FreeBSD seems pretty limiting. Why would Pass >> add features only available on one platform? >> >> Second, why would you want to combine those features with Pass? Or are you >> requesting that Pass be modified to (optionally?) make use of the FreeBSD >> filesystem encryption features *instead* of using GPG (and any other >> extensions available)? >> >> I don't speak for the author and maintainer, but I'd guess this would make >> more sense as a Pass-like or Pass-inspired project. >> >> Pass repos are just directories with GPG-encrypted files. (There's some >> conventions about what keys should be used to encrypt which files based on >> *.gpg-id* files in the root directory or sub-directories.) They can also be >> a Git repo for tracking changes. But besides that they're (perfectly?) >> independent of any specific filesystem. Would adding support for the FreeBSD >> GEOM features change that? >> >>> On Mon, Nov 20, 2017 at 8:15 AM, Daniel Jensen <[email protected]> wrote: >>> Well, it’s a feature that’ll pretty much only work on FreeBSD since it >>> requires GEOM. >>> >>> GEOM ELI (https://man.freebsd.org/geli(8)) and GGATEL >>> (https://man.freebsd.org/ggatel(8)) can be used to mount a disk image as a >>> directory, which is where pass stores its data structure. >>> >>> >>>> On 20 Nov 2017, at 14.09, Kenny Evitt <[email protected]> wrote: >>>> >>>> I'm using ZFS on some servers, but not with Pass. What kind of features >>>> would you want to add to Pass related to ZFS or ZFS datasets? >>>> >>>> What's GELI? >>>> >>>> Depending on what it is exactly that you want, it could probably be >>>> implemented as a Pass extension. I'm pretty skeptical that these features, >>>> whatever they are, would be sensibly added to Pass itself. >>>> >>>>> On Sun, Nov 19, 2017 at 12:22 PM D. Ebdrup <[email protected]> wrote: >>>>> ZFS datasets and GELI are really powerful things and would be a great >>>>> >>>>> addition to password-store, so I’m wondering if it’s possible to >>>>> >>>>> implement this. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Alternative, if it’s something I can figure out to do, or find someone >>>>> >>>>> with the skill to add it, is it a feature that would be accepted? >>>>> >>>>> >>>>> _______________________________________________ >>>>> >>>>> Password-Store mailing list >>>>> >>>>> [email protected] >>>>> >>>>> https://lists.zx2c4.com/mailman/listinfo/password-store >>>>> >>> >> > > _______________________________________________ > Password-Store mailing list > [email protected] > https://lists.zx2c4.com/mailman/listinfo/password-store
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
