Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sdw-admin validates config when there is only a public key #1202

Closed
1 task done
lilyannehall opened this issue Nov 19, 2024 · 0 comments · Fixed by #1205
Closed
1 task done

sdw-admin validates config when there is only a public key #1202

lilyannehall opened this issue Nov 19, 2024 · 0 comments · Fixed by #1205
Assignees
@rocodes
Milestone
1.1.0

Comments

@lilyannehall
Copy link
Member

  • I have searched for duplicates or related issues

Description

Running sdw-admin --validate and sdw-admin --apply both erroneously succeed when the sd-journalist.sec does not contain the private key.

Steps to Reproduce

Set up the workstation and copying the submission key as referenced in the docs.

qvm-run --pass-io vault \
  "gpg --homedir /run/media/user/TailsData/gnupg --export-secret-keys --armor <SVSFingerprint>" \
  > /tmp/sd-journalist.sec
  • Do not include the private key for the submission key - only the public key.
  • Running sdw-admin --validate will correctly validate the configuration.
  • Running sdw-admin --apply will succeed in setup.

Expected Behavior

Both sdw-admin --validate and sdw-admin --apply should fail.

Actual Behavior

Workstation sets up successfully, but no messages are able to be decrypted.

Comments

Ensure that there is a private key contained insd-journalist.sec during config validation.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rocodes rocodes

Labels
None yet
Projects
SecureDrop dev cycle
Archived in project
Milestone
1.1.0
2 participants
@lilyannehall @rocodes