The documentation says that token encryption based on PI_ENCFILE and also it’s said that:
“The encryption key can be encrypted with a password”.
Where should I set a password for encryption?
Thanks in Advance.
You would have to read this and a lot more.
This is a bigger puzzle with limited practical gain for an enterprise environment. You need to consider:
- how you are actually running privacyIDEA and number of processes
- you need the command line client or manuall use the rest API to set the password
- and adapt your own processes for managing/restarting the system
I would not recommend to go down this road.
This is far beyond the effort I would put into a community forum.
This would (probably) be my last comment and help on this.