[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Best way to encrypt data



On Fri, 2002-02-01 at 18:44, Gary Hennigan wrote:
> What's the best way to encrypt data on your hard drive such that if it
> is stolen you have some assurance that they can't get at the data? My
> understanding of how cryptography works is limited, but it seems that
> public/private key stuff, like GnuPG, wouldn't be sufficient for this
> because your secret key is stored on the hard drive and if someone
> gets that it's all over. 
> 
> I suppose you get generate your key, decrypt the file, and delete the
> key, but that seems like a difficult process if you regularly need to
> access the data. Any suggestions?

I keep my secret key inside a CFS encrypted file system.  If I am not
logged on, it is not available to anyone; if I am logged on it is still
only available to my login.  And if someone stole the machine they would
have two levels of encryption to break (CFS and the secret key pass
phrase).

(Please, everyone, let me know if I am deluding myself!)

cfs is a Debian package.

-- 
Oliver Elphick                                Oliver.Elphick@lfix.co.uk
Isle of Wight                              http://www.lfix.co.uk/oliver
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839  932A 614D 4C34 3E1D 0C1C

     "And be not conformed to this world; but be ye  
      transformed by the renewing of your mind, that ye may 
      prove what is that good, and acceptable, and perfect, 
      will of God."             Romans 12:2 

Attachment: signature.asc
Description: This is a digitally signed message part


Reply to: