Johannes Ernst
Johannes Ernst
There are a bunch of FIXME placeholders, e.g. for credentials. At the very minimum, we need to check for syntactic and semantic correctness.
We don't want to write any secrets to disk. But the way `cryptsetup` works, it appears impossible to make it do what we want it to do without providing some...
Damned if you do, and damned if you don't (log the secret). So the compromise is the prominently warn the user and perhaps ask their consent before doing that. Implement...
Would be cool ... could be paradux writing to a password manager with an API, or the password manager writing to paradux, or ...
Instead of having pairs of files (e.g. `stewards.json` and `stewards.temp.json`) we could put those files into git, and keep the entire version history around. A checked-out file would only be...
RIght now `recover` requires that the user specify a JSON file with the recovery info. That's not practical for things other than development. Implement an alternate that allows text input,...
Currently commented out in the code.
Currenty a stub only. 1. Changing the everyday passphrase should simple invoke `cryptsetup` similarly to how we do it for recovery (copy-paste code?) 1. Changing the recovery secret is obviously...
See DestinationDataLocation.