File Share Encryption

  • 1.  PGP Universal Server Ignition keys

    Posted Oct 17, 2013 09:30 AM

    Hello,

    We want to make use of the ignition keys to protect keys on the server. It is our understanding that if we create an ignition key then in case of hardware theft keys within the database should be encrypted and thus unreadable.

    However during my tests before adding ignition key I accessed the database through SSH+psql and did a simple "select * from key" and got back the keys in readable format which is expected.

    Problem is that after adding ignition key I restarted the server and as expected it asked for passphrase to unlock. I tried to run the above query on DB while server is still locked and I got the same keys as before in readable format.

    Can you please explain what am I missing here as I would expect to get unreadable data from database if server is not unlocked?

    Regards



  • 2.  RE: PGP Universal Server Ignition keys

    Broadcom Employee
    Posted Oct 17, 2013 10:08 AM

    Ignition Keys protect the data on your PGP Universal Server in case an unauthorized person gains physical control of your PGP Universal Server. So it is not changing the readability format of the key. The purpose is to secure, via an additional passphrase, physical access to the server.



  • 3.  RE: PGP Universal Server Ignition keys

    Posted Oct 17, 2013 10:41 AM

    That is not what the documentation states. To quote:

    "If the PGP Universal Server is protected by an ignition key, the following information is stored encrypted on the server:

    • ...
    • Internal and external user private (SKM) keys.
    • ..."

    So, if someone takes the disk from the server, mounts it, copies the postgres data files, he can read the keys whether or not we had an ignition key?



  • 4.  RE: PGP Universal Server Ignition keys

    Posted Oct 17, 2013 05:39 PM

    ITSistemi,

    I've tried this and been able to get the same results. I'm curious, if you extract a before and after to file, then diff the results, I see there is a slight difference in our Org key. That's all though. As you state, everything else is still in the clear.

    Aaron



  • 5.  RE: PGP Universal Server Ignition keys

    Posted Oct 18, 2013 02:53 AM

    This behavior has now been also confirmed by support. Apparently, documentation is wrong in that part. If I recall correctly our conversation yesterday, only web messenger is protected which we don't use.



  • 6.  RE: PGP Universal Server Ignition keys
    Best Answer

    Broadcom Employee
    Posted Oct 18, 2013 04:16 AM

    If you run a test and retrieve a database key (SKM only) before adding the ignition key and after adding the ignition key you will see that the keys are different. The same with the organization key. Please find in the attachment the same keyID of the SKM key to see that they are different. So as per documentation this is right:

    Internal and external user private (SKM) keys.

    Other keys remain the same. So SKM keys are protected including Org. Key.

    Please mark the answer as solved if agree.




  • 7.  RE: PGP Universal Server Ignition keys

    Posted Oct 18, 2013 07:15 AM

    Agreed, first part of the key looks very, very similar, hence the confusion.

    Thank you for your assistance.
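
The before/after comparison that posts 4, 6 and 7 describe, as an added example that is not from this thread or from PGP Universal Server itself: it parses two exports of the key table (taken before and after enabling the ignition key), reports per key ID whether the stored material actually changed, and shows how many leading bytes still match, which is what made the rows look "very similar". The `keyid<TAB>hex` line format and the key IDs are constructed stand-ins for whatever your `psql` query output looks like.

```python
# Added example, not from the thread or from PGP Universal Server: compare two
# exports of the key table, taken before and after enabling the ignition key,
# and report per key ID whether the stored material actually changed.
# The "keyid<TAB>hex" line format is a constructed stand-in for your psql output.

def parse_dump(text):
    """Parse 'keyid<TAB>hexdata' lines into {keyid: bytes}, skipping blanks/comments."""
    rows = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        keyid, hexdata = line.split("\t", 1)
        rows[keyid.strip()] = bytes.fromhex(hexdata.strip())
    return rows

def common_prefix_len(a, b):
    """Number of leading bytes two blobs share (packet headers often match)."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n

def compare_dumps(before, after):
    """{keyid: (changed, shared_prefix_bytes)} for key IDs present in both dumps."""
    result = {}
    for keyid in sorted(before.keys() & after.keys()):
        b, a = before[keyid], after[keyid]
        result[keyid] = (b != a, common_prefix_len(b, a))
    return result

def unprotected_keys(before, after):
    """Key IDs whose stored bytes are identical before and after: still in the clear."""
    return [k for k, (changed, _) in compare_dumps(before, after).items() if not changed]

# Constructed sample rows: both keys keep the same leading bytes, so they look
# alike at a glance; only the first key's body differs once ignition is enabled.
BEFORE = ("# keyid\thex material (constructed)\n"
          "0xAAAA0001\t95010d041122334455667788\n"
          "0xBBBB0002\t95010d04aabbccddeeff0011\n")
AFTER = ("0xAAAA0001\t95010d04deadbeefcafef00d\n"   # changed after ignition key
         "0xBBBB0002\t95010d04aabbccddeeff0011\n")  # unchanged: still readable

if __name__ == "__main__":
    for keyid, (changed, prefix) in compare_dumps(parse_dump(BEFORE), parse_dump(AFTER)).items():
        print(f"{keyid}: {'changed' if changed else 'UNCHANGED'} (first {prefix} bytes identical)")
    print("still in the clear:", unprotected_keys(parse_dump(BEFORE), parse_dump(AFTER)))
```

A key that the script lists as unchanged is stored the same way with or without the ignition key, which is the check the original poster was trying to make by hand.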



  • 8.  RE: PGP Universal Server Ignition keys

    Broadcom Employee
    Posted Oct 18, 2013 08:30 AM

    Thank you.