It would be good to provide the ability to encrypt the individual key files so that the database cannot be opened if someone gains a copy of a key file.
Therefore with a shared database, each user could have a separate copy of the key file encrypted with their own password.
This is standard practice with openssh and is done by using the ssh-keygen utility.
If the current key file format will not allow the option of encryption, perhaps a separate file extension could be proposed. e.g. eky for encrypted key
Log in to post a comment.