Re: Tools to store account (password..) in encrypted format ?
On Thu, Jul 12, 2007 at 12:28:33PM +0000, KLEIN St?phane wrote:
>
> On my box, I use plain text to store my passwords but it isn't secure.
> What cli and/or web software can I use to store my password (account) in
> encrypted format ? What do you use ?
>
> If it's possible I would like collaborate system.
>
It depends (as always). What do you mean by "it isn't secure". Nothing
is totally secure. If your home directory is only readable by you, the
file is in your home directory (or below), and is only readable by you,
what more do you want? If this isn't secure enough, what else in your
home directory are you concerned about. For example, I have a lot of
files (documents) in my home directory that are at least as sensitive as
my passwords.
This is the standard level of UNIX security. Further options include:
encrypting each file with gnupg or SSL
encrypting the whole /home partition which requires a password
to decrypt it at boot
using the pam module (I forget the name) that lets each user
have an encrypted root and pam transparently encrypts/decrypts
it with a key based on your login password. Since the login
password is only stored on the computer in hash form, that
sounds secure.
When you go beyond standard (historic) UNIX security, it gets more
complicated and you have to idenify the security threats that you want
to protect against. So what are they?
Doug.
Reply to: