Re: handling private keys
On 6/28/05, Radu Spineanu <firstname.lastname@example.org> wrote:
> Has anyone heard of an implementation, or at least a whitepaper related
> to creating some kind of secure zone where i can keep these keys ?
If you're using strong enough passwords, your keys would still be
pretty safe. An attacker could try cracking them offline, but that
could take a very long time.
As to your question, once someone roots your box all bets are off. If
you're really paranoid about these keys, keep them on a dedicated
machine that's extremely locked down. Or even a machine with no
network at all, and move data back and forth on a usb drive.