todo/Make the number of shard servers configurablekeysafehttp://keysafe.branchable.com/todo/Make_the_number_of_shard_servers_configurable/keysafeikiwiki2017-04-04T16:30:33Zcomment 1http://keysafe.branchable.com/todo/Make_the_number_of_shard_servers_configurable/comment_1_4416f7495e2a34a3cdb6f5106beaf582/joey2017-04-04T16:30:33Z2017-04-04T16:19:10Z
<p>You can use --totalshares and --neededshares to configure how many shares
keysafe splits the key into. See also
<a href="http://keysafe.branchable.com/todo/detect_number_of_required_shares_on_restore/">detect number of required shares on restore</a>.</p>
<p>Bear in mind that colluding servers still have to guess the name used to
find the shares to combine, and even then they still have the expensive
work of cracking the password ahead. Splitting the secret across servers is
only an initial line of defense.</p>
<p>It's debatable whether having a lot of servers would add much security.</p>
<p>But, keysafe needs more servers in any case. With more than 3 servers,
splits like 3-of-4 and 2-of-4 become usable; these and other parameters are
probably useful in some cases.</p>