[Koha] Encryption and Pseudonymization settings

David Liddle david.liddle at wycliff.de
Sat Jan 7 11:57:40 NZDT 2023


Greetings, all!

We would like to activate the GDPR and Pseudonymization settings in our instance. However, the instance does not pass the check indicated by the caution: "Pseudonymization must only be turned on if the 'bcrypt_settings' configuration entry exists and is correctly filled in the Koha configuration file." At present, there is no further guidance provided. I see the following lines in the file /etc/koha/koha-conf-site.xml.in:

<!-- This is the bcrypt settings used to generated anonymized content -->
 <bcrypt_settings>__BCRYPT_SETTINGS__</bcrypt_settings>

What form should the content of this line and these settings take? What is the standard or 'best practice'? Are there limits? Should they be entered in this file, or should they be entered in the individual site's koha.conf file?

Similarly, I would like to know what form the encryption key should take in this section:

<!-- Encryption key for crypted password or sensitive data -->
 <encryption_key>__ENCRYPTION_KEY__</encryption_key>

Are there any risks or drawbacks to enabling these settings on a live site? (I'm executing them first on a QA server with a robust backup system, but it helps to know what to expect.)

Thank you for considering my questions and offering your guidance!

Regards,


David Liddle

