
On Wed, Jun 01, 2016 at 09:04:00 -0400, John Ferlan wrote: [...]
> In a way I was hoping that the ",data=" option could have been used, but that leaves a base64 encoded master key on the command line along with the base64 encoded secret and iv, which yes, would allow someone sufficiently privileged enough to read any logs the ability to decipher the secret.
Not only log files. A straight ps -ef would disclose everything needed for somebody to know the password. As it was iterated a few times already, the passwords need to be kept secret by either encrypting them by a secret key (which needs to be passed via a file, there is no other way) or by passing them via a file. If you disclose the key along with the encrypted data it's no longer a secret. It's basically the same as base64 encoding. Humans can't read it. Hackers can. I thought that was clear enough. So you will never get around using a file. Also that's the reason why I object in supporting any insecure way to pass the data.

Peter
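As an added illustration of the point made in this exchange (this is example code written for this page, not libvirt or QEMU code, and the command lines, secret value, "master key" and the `data=` ciphertext placeholder are all constructed), the script below parses QEMU-style `-object secret,...` arguments exactly as they would appear to anyone reading `ps -ef` or a log, and reports what such a reader can recover: a plain `data=` secret decodes directly, a `data=` secret encrypted under a `keyid=` whose master key is itself passed as `data=` is just as recoverable, and only the `file=` form leaves nothing but a path on the command line. It then shows the file-based alternative, creating the secret file with `O_EXCL` and mode 0600 so that only the owning user can read it.

```python
import base64
import os
import stat
import tempfile

# Constructed sample values (not from any real libvirt/QEMU invocation or log).
PLAINTEXT = "hunter2"
B64_SECRET = base64.b64encode(PLAINTEXT.encode()).decode()
B64_MASTER = base64.b64encode(b"0123456789abcdef").decode()  # made-up master key

# Case 1: secret passed directly as base64 on the command line.
ARGV_DATA_ONLY = [
    "qemu-system-x86_64",
    "-object", f"secret,id=sec0,data={B64_SECRET},format=base64",
]

# Case 2: secret "encrypted" under a master key, but the master key, iv and
# ciphertext are all on the command line too. The data= value is a placeholder
# standing in for real ciphertext; no actual encryption is performed here.
ARGV_DATA_WITH_KEY = [
    "qemu-system-x86_64",
    "-object", f"secret,id=master0,data={B64_MASTER},format=base64",
    "-object", "secret,id=sec0,keyid=master0,iv=AAAAAAAAAAAAAAAAAAAAAA==,"
               "data=Y2lwaGVydGV4dA==,format=base64",
]


def secret_objects(argv):
    """Parse every '-object secret,...' definition into {id: {property: value}}."""
    found = {}
    for opt, val in zip(argv, argv[1:]):
        if opt == "-object" and val.startswith("secret,"):
            props = dict(kv.partition("=")[::2] for kv in val.split(",")[1:])
            found[props["id"]] = props
    return found


def exposure_report(argv):
    """
    For each secret object, classify what a `ps -ef` reader learns from argv alone.
    Returns {id: (kind, detail)} with kind in
    "plaintext", "key-exposed", "ciphertext-only", "file".
    """
    objs = secret_objects(argv)
    report = {}
    for sid, p in objs.items():
        if "file" in p:
            report[sid] = ("file", p["file"])  # only a path is visible
            continue
        raw = base64.b64decode(p["data"]) if p.get("format") == "base64" else p["data"].encode()
        if "keyid" not in p:
            # base64 is an encoding, not encryption: the value is simply decoded
            report[sid] = ("plaintext", raw.decode(errors="replace"))
        elif "file" in objs.get(p["keyid"], {}):
            # ciphertext and iv are visible, but the key came from a file
            report[sid] = ("ciphertext-only", p["keyid"])
        else:
            # key, iv and ciphertext all on the command line: no better than plaintext
            report[sid] = ("key-exposed", p["keyid"])
    return report


def write_secret_file(secret: bytes, directory=None) -> str:
    """Create a 0600 secret file; O_EXCL refuses to clobber a pre-existing path."""
    directory = directory or tempfile.mkdtemp()  # mkdtemp creates the dir as 0700
    path = os.path.join(directory, "sec0.key")
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(secret)
    return path


def file_backed_argv(secret_id: str, path: str):
    """The command line form that keeps the secret value out of argv entirely."""
    return ["qemu-system-x86_64", "-object", f"secret,id={secret_id},file={path}"]


if __name__ == "__main__":
    print("data= only:      ", exposure_report(ARGV_DATA_ONLY))
    print("data= + keyid=:  ", exposure_report(ARGV_DATA_WITH_KEY))
    p = write_secret_file(PLAINTEXT.encode())
    print("file=:           ", exposure_report(file_backed_argv("sec0", p)))
    print("mode:", oct(stat.S_IMODE(os.stat(p).st_mode)))
```

Running it shows the first two argument lists yielding the secret (or everything needed to decrypt it), while the file-backed form exposes nothing beyond a path whose 0600 mode blocks other users.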