Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upOpenSSL encryptor: deprecated key derivation used #949
Comments
|
This can be fixed with a monkeypatch in module OpenSSLFixDeprecatedKeyDerivation
def options
super + ' -pbkdf2'
end
end
require 'backup/encryptor/open_ssl'
Backup::Encryptor::OpenSSL.prepend(OpenSSLFixDeprecatedKeyDerivation)OpenSSL 1.1.1+ or LibreSSL 2.9.1+ will be required to decrypt, and you'll need to pass openssl aes-256-cbc -d -md sha256 -pbkdf2 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What went wrong?
I'm getting deprecation warnings with openSSL encryption.
[2019/09/05 08:38:52][info] Using Encryptor::OpenSSL to encrypt the archive.
[2019/09/05 08:40:22][warn] Pipeline STDERR Messages:
[2019/09/05 08:40:22][warn] (Note: may be interleaved if multiple commands returned error messages)
[2019/09/05 08:40:22][warn]
[2019/09/05 08:40:22][warn] *** WARNING : deprecated key derivation used.
[2019/09/05 08:40:22][warn] Using -iter or -pbkdf2 would be better.
What steps did you follow?
How is your copy of backup configured?
Use config encryption step:
encrypt_with OpenSSL do |encryption|
encryption.password = 'Some password'
encryption.base64 = true
encryption.salt = true
end
Tell us about the computer that runs the backup gem