check in current project state
This commit is contained in:
19
README.md
19
README.md
@ -10,6 +10,8 @@ consuming a lot more time and energy than what feels justified.
|
||||
|
||||
This system has been created to provide a centralized solution that works well-enough.
|
||||
|
||||
One clear goal was to have all the complexity on the server-side, and be able to construct a minimal client.
|
||||
|
||||
## Components
|
||||
|
||||
This system has been designed with modularity and extensibility in mind. It has the following building blocks:
|
||||
@ -47,13 +49,14 @@ If permitted to access the secret, it will returned encrypted with the client RS
|
||||
|
||||
This allows the client to decrypt and get the clear text value easily.
|
||||
|
||||
## Usage
|
||||
# FAQ
|
||||
## Why not use Age?
|
||||
I like age a lot, and it's ability to use more ssh key types is certainly a winner feature.
|
||||
However, one goal here is to be able to construct a client with minimal dependencies, and that speaks in favor of the current solution.
|
||||
|
||||
# Next step
|
||||
## Rewrite encryption to use age
|
||||
The RSA implementation works alright, but requires some work on the client side converting back to a readable format.
|
||||
Age seem better suited, as it can also use ed25519 keys.
|
||||
Using just RSA keys, you can construct a client using only the following tools:
|
||||
- base64
|
||||
- openssl
|
||||
- ssh
|
||||
|
||||
|
||||
## Dedicated client?
|
||||
If `age` works out, it may be entirely unnecessary to have a dedicated client. Who knows...
|
||||
This means that you can create a client using just a shell script.
|
||||
|
||||
Reference in New Issue
Block a user