Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    How to change standard password key for account data encryption in Files-plugin.

    Plugins for Kopano WebApp
    1
    1
    523
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • klausade
      klausade last edited by

      According to /etc/kopano/webapp/config-files.php we should change standard password key for account data encryption. The file only documents how many characters and bits should be used (bits and characters…) . It would be better if that file also documented how this should be chanced. Now it just says:
      /**

      • Standard password key for account data encryption. We recommend to change the default value for security reasons
      • and a length of 16 characters. Data is only encrypted when the openssl module is installed
      • IV vector should be 8 bits long
        */

      I used this:
      FILES_PASSWORD_KEY:
      $ head -c 8 /dev/urandom | xxd -ps
      FILES_PASSWORD_IV:
      $ head -c 4 /dev/urandom | xxd -ps

      Thinking about it, I should also been able to use “pwgen -s -y 16 1” and “pwgen -s -y 8 1”, probably better.

      On another note, the file /etc/kopano/webapp/config-files.php is readable by all, wouldn’t it be better if the owner of that file was www-data, and not readable by all? This is on Debian 8.10 with kopano-webapp-plugin-files 2.1.0.222+26.1

      1 Reply Last reply Reply Quote 0
      • First post
        Last post