-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 2017-05-07 11:33, nickl...@kulinacs.com wrote: > On May 7, 2017 10:39:22 AM CDT, Andrew David Wong > <a...@qubes-os.org> wrote: On 2017-05-07 10:32, > nickl...@kulinacs.com wrote: >>>> On May 7, 2017 10:23:54 AM CDT, Andrew David Wong >>>> <a...@qubes-os.org> wrote: On 2017-05-07 10:10, >>>> nickl...@kulinacs.com wrote: >>>>>>> What benefit does this have over simply ysing >>>>>>> qubes-split-gpg-client-wrapper, like done here: >>>>>>> https://github.com/kulinacs/pass-qubes It seems like a >>>>>>> lot of overhead for not a lot of gain. >>>>>>> >>>>>>> On May 7, 2017 9:50:26 AM CDT, "Manuel Amador (Rudd-O)" >>>>>>> <rud...@rudd-o.com> wrote: >>>>>>>> Building on the excellent pass >>>>>>>> (https://passwordstore.org), it gives me great >>>>>>>> pleasure to announce the initial release of >>>>>>>> qubes-pass — an inter-VM password manager and store >>>>>>>> for Qubes OS. >>>>>>>> >>>>>>>> Check it out here! >>>>>>>> >>>>>>>> https://github.com/Rudd-O/qubes-pass >>>>>>>> >>>> >>>> What are the advantages of either of these over the >>>> traditional Qubes model of having a normal password manager >>>> in a vault VM and using the inter-VM clipboard to copy/paste >>>> passwords out of it? >>>> >>>> >>>> I prefer Pass because it uses GPG for encryption, meaning I >>>> can manage fewer secrets over all (as it backends into my >>>> normal GPG key) and then track my password files in git. To >>>> do this with the traditional Keepass method, you either need >>>> to back up the password database somewhere secure or remember >>>> another password for it. >>>> > > Why not just back up the entire vault with qvm-backup? > > > Git has less storage overhead (as you're backing up a bunch of text > files, not an entire VM), allows proper versioning, so it is > trivial to see your passwords at a point in time, and can be used > cross platform if you chose to keep your GPG key on another > system. >
I prefer the security of qvm-backup[-restore], since it allows me to keep the vault and its contents permanently offline. The entire VM is BZIP compressed, AES-256 encrypted, and HMAC-SHA512 authenticated. The integrity verification, authentication, and decryption all happen at the dom0 level. The backup is tiny, so the storage overhead is inconsequential, and there's no need to worry about file-level metadata leakage or the backup file itself being used as an attack vector. KeePassX has sufficient built-in versioning for me, and it's easy enough to sync Qubes backups across machines with simple scripts. With this setup, considerations like "managing fewer secrets" seem out of place. I only have to manage three secrets: 1. LUKS passphrase 2. Backup passphrase 3. Screen locker passphrase Managing these three allows me to have an arbitrary number of additional secrets in VMs without having to remember anything else. I can't replace 1, 2, or 3 with my PGP key(s), because my PGP key(s) are inside my PGP VM, which I can't access except via 1, 2, or 3. But that's by design. I wouldn't want to make that replacement even if I could, since I wouldn't want an attacker who gains access to my (one of my) PGP (sub)key(s) to have access equivalent to 1, 2, or 3. I also wouldn't want to use my (import) PGP keys on any non-Qubes systems, since that would likely defeat the purpose of protecting them via Split GPG. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJZD1gbAAoJENtN07w5UDAwu14P/2ZzxA5RM4QS/F+GhyafenJM rQmgmxpZbDIENeiwCrxQGkPxO5vZjGXcIKsACekLlTVeWwNvmRtfOnQa5vvhBDyS 1WGoHYOnuODM7EVe2GZhA4gngRWiJ+iLFvvtRcApG6hMA7BwGqxsLUhl1XbQL3XA EVYEIfkLZ8CffIe2QuXAwFMMc6uBYMHunTSeZPZHuy7DmGLEHacHuuJvUadxzHqF r3zncyZeCwrFwUrJFgDE8UTXcrv5azuih4Pr1GN1G3HgsvpjfMTtyYZlfYJX1agQ JonOQ//N6Fv8B2Fn5tFEGCHJN9hddfc1YW0xMvgHc8AbiBEGN4aUzb+pd+EprL8j 7uEsFnYy/zBs/TXMaQaAecQYIGOln76IDtUMNQhTmBTHdltJoe3yE0RdCP3T2zJj d5dtP09imbNx2GFoac/6gA3HnmP/4rPeK6qnad7i0y1OyuMl4zTrU2AdqwcG4+S8 N0XGywpBlr+bDUCEuxtGO13pDPomgQXuPoOgZPmJORF/4T/KxEBMKEBEPVs1K81E nblCCG6n80STe48a4Vk0Gv4IFw9Or/kFYR5M4B4UvnmJCoMaWj1a92VBC/8z8KCG ck0MkR2y6KbA1wI3CUAF8GkjlIfEE2ewaU8BQcEQqKplL7gNV4NqfRbpMuvLe1LW TK/sqfLYBdq0r/UsYQ+p =dZn6 -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/76e540df-ef80-cbaa-9ab7-f0aaf8684523%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
