Uploaded image for project: 'GPII - Global Public Inclusive Infrastructure'
  1. GPII - Global Public Inclusive Infrastructure
  2. GPII-3714

Implement "secret blower" to copy machine secret into secure area

    XMLWordPrintable

    Details

      Description

      Based on our discussions at https://pad.gpii.net/p/breaking-down-morphic-keyless-signup-5v1a4nw5? , it seems that this can just be a relatively simple 3-line script to copy the file, packaged with the blower, into the "ProgramData" directory and then set its permissions.

      In future, to minimise the costs of constantly repackaging and rehandling the secret, this will be implemented as a dynamic app which requests a fresh secret from a cloud endpoint, given a higher-order "secret-granting secret". Even more distantly, there might one day be a means of tying the machine secret to some more or less stable machine id.

        Attachments

          Activity

            People

            Assignee:
            jhernandez Javier Hern√°ndez
            Reporter:
            amb26 Antranig Basman
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: