Tessera and passphrase protected keys #729
Comments
|
Nice catch. This is definitely a feature that is needed. As for when, I don't have any timeline - if you get any spare time, pull requests are always welcome :) |
|
It sounds like we'd also want this for the remote enclave as well as the tessera app jar. The general issue of being forced to provide an arg 100% agreed. Prompting the user for input sounds fine. But 'waits indefinitely for the correct password' I think it should fail after N attempts. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We had the constellation ver 0.3.2 functionality where if incorrect passphrase is provided, the constellation node waits indefinitely for the correct password to be keyed in.
The same functionality seems not to be present in tessera. Is there a possibility that this feature will be made available anytime sooner.
The background of the question is, we were able to securely pass the passphrase when using constellation using the feature in question but with tessera, we are forced to pass the password as an argument which can be easily extracted from the process monitor.
The text was updated successfully, but these errors were encountered: