Re: [Debconf-discuss] GPG Key Management Best Practices BoF

[Adrian Knoth <adi@drcomp.erfurt.thur.de>]

On Fri, Aug 06, 2010 at 01:21:41PM -0400, Anibal Monsalve Salazar wrote:

> Steve McIntyre has a web page about "Using autofs for GPG keys on a
> USB stick" that maybe you would like to read at:
> http://www.einval.com/~steve/docs/gpg-autofs.html

I took the liberty of adding encfs to the ietherpad.

encfs is a fuse-based encrypted file system that doesn't need its own
partition or image file whatsoever.

Files inside the encfs look like this:

total 948
-rw------- 1 adi adi   8320 Jan 17  2010 ,rPtwGuOxQgF46Sovx6ozZ0c
-rwxr-xr-x 1 adi adi   8336 Apr 11  2008 -Tic7Zf79,vcTmWe4Fz9yWfZ
-rw-r--r-- 1 adi adi   1840 Jul 28 05:05 1KJhcN-k4hh4cXtzce8kt7qV
-rw------- 1 adi adi    624 Jul 29 02:07 4DB8HxQhFxlcNQMqlsNiCLo4
-rw------- 1 adi adi    624 Apr 11  2008 4b169oUT,p9MdxM2WVH-lXIN
-rw------- 1 adi adi   8439 Jan  7  2010 BmhvM4eU7dMSRWdk3MTJbgpy
-rw-r--r-- 1 adi adi 436642 Jul 28 05:05 VOpnhKqnv9y1is3YXymZhkC4
-rw-r--r-- 1 adi adi  15177 Mar 13  2009 XGVcPPORjaIBCJUydQrtd53u
-rw-r--r-- 1 adi adi 438903 Jul 31 17:26 ZcHGWFpgWyvmdcMUtnxy3NLV
-rwxr-xr-x 1 adi adi  11805 Mar 13  2009 mq4,PCAC0O896zH,IJA3zSn3
-rw-r--r-- 1 adi adi      8 Apr 11  2008 uRfEKs9A,zMGdJAkxObabX23

You then mount it to some location in your home, e.g. ~/decrypted and
symlink to .gnupg from there. (obviously, the decrypted version is
accessible)

That's it. No messing with autofs, USB sticks or whatever.


Works like a charm.


HTH

-- 
mail: adi@thur.de  	http://adi.thur.de	PGP/GPG: key via keyserver