From 5a5895203b5f787ed3f3946a1f16b65b10e92767 Mon Sep 17 00:00:00 2001 From: Andreas Auernhammer Date: Tue, 18 Dec 2018 22:00:32 +0100 Subject: [PATCH] add howto generate a master key and add master key disclaimer (#6992) This commit adds a section to the master key documentation describing how to generate a random 256 bit master key. Further this commit adds a warning that master keys are not recommended for production systems because it's (currently) not possible to replace a master key (e.g. in case of compromise). --- docs/kms/README.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/docs/kms/README.md b/docs/kms/README.md index d0ff6b458..a458dea07 100644 --- a/docs/kms/README.md +++ b/docs/kms/README.md @@ -16,8 +16,8 @@ Minio supports two different KMS concepts: Direct master keys are useful if the storage backend is not on the same machine as the Minio server, e.g., if network drives or Minio gateway is used and an external KMS would cause too much management overhead. - Note: If the Minio server machine is ever compromised, then the master key must also be - treated as compromised. + Note: KMS master keys are mainly for testing purposes. It's not recommended to use them for production deployments. + Further if the Minio server machine is ever compromised, then the master key must also be treated as compromised. **Important:** If multiple Minio servers are configured as [gateways](https://github.com/minio/minio/blob/master/docs/gateway/README.md) @@ -119,6 +119,12 @@ A KMS master key can be specified directly using: export MINIO_SSE_MASTER_KEY=my-minio-key:6368616e676520746869732070617373776f726420746f206120736563726574 ``` +Please use your own master key. A random master key can be generated using e.g. this command on Linux/Mac/BSD* systems: + +```sh +head -c 32 /dev/urandom | xxd -c 32 -ps +``` + ### 3. Test your setup To test this setup, start minio server with environment variables set in Step 3, and server is ready to handle SSE-S3 requests.