Generate your encrypted key in Cloud Backup
Last updated on: 2019-01-04
Authored by: Rackspace Support
Rackspace Cloud Backup encrypts your passphrase locally on your browser by using a JavaScript RSA (Rivest–Shamir–Adleman encryption) library. Encryption happens before the passphrase is submitted over the web.
Rackspace never knows your unencrypted (or clear text) passphrase. Your passphrase is encrypted by using public and private key pairs, which is the Secure Socket Layer (SSL) web security standard for transmitting data over secure connections. Only your encrypted passphrase is sent to Rackspace. All communication between your computer and Rackspace servers for Cloud Backup is done over SSL, so no one can intercept and read your messages. You can, however, encrypt your passphrase yourself by using the public and private keys for your system. This method bypasses Rackspace’s client-side encryption library.
Encrypt your passphrase by using the following script:
#!/usr/bin/env python
# rcbucrypt.py - Create hex encryption key for API call to set encryption password.
#
# WARNING: This code might not work on some operating systems' flavors of python,
# such as Mac OS-X
#
# Example: rcbucrypt.py thisismypassword public-key.pem
import sys
import binascii
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
def encrypt(secret, pemfile):
public_key_path = pemfile
print public_key_path
public_key = None
with open(public_key_path) as f:
public_key = f.read()
pkey = RSA.importKey(public_key)
cipher = PKCS1_v1_5.new(pkey)
encrypted_password = cipher.encrypt(secret)
hex_pass = binascii.hexlify(encrypted_password).decode()
print hex_pass
def syntax():
print 'syntax: rcbucrypt '
sys.exit(1)
if (__name__ == "__main__"):
if (len(sys.argv) == 1):
syntax()
secret = sys.argv[1]
pemfile = sys.argv[2]
encrypt(secret, pemfile)
©2020 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License
