chef - [chef] Re: Recovery of encrypted data bags

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Recovery of encrypted data bags

From: Kevin Yank < >
To:
Subject: [chef] Re: Recovery of encrypted data bags
Date: Tue, 14 May 2013 21:25:19 +1000

Hi Dorian,

On 14/05/2013, at 8:03 PM, Dorian Jaminais
< >
wrote:

> Is there a way to recover the real informations (eg. passwords) in case of
> a failure of the chef server ? (providing that I still have the secret file
> used at encryption time.)

Yes, absolutely. You can simply upload the encrypted data bags to a new chef
server, and access them with the same secret file.

The Chef Server is not at all involved in the encryption/decryption of data
bags. It merely stores the encrypted data you send it, and sends it back when
requested, after which the client does the decryption.

--
Kevin Yank
Chief Technology Officer, Avalanche Technology Group / AVG Technologies AU
Pty Ltd

2/101 Tulip Street, Sandringham Victoria 3191 Australia
ph: +61 3 9581 0806

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[chef] Recovery of encrypted data bags, Dorian Jaminais, 05/14/2013
- [chef] Re: Recovery of encrypted data bags, Kevin Yank, 05/14/2013
  - [chef] Re: Re: Recovery of encrypted data bags, Dorian Jaminais, 05/14/2013
    - [chef] Re: Re: Re: Recovery of encrypted data bags, Daniel DeLeo, 05/14/2013
      - [chef] Re: Re: Re: Re: Recovery of encrypted data bags, Dorian Jaminais, 05/15/2013