Re: Decrypt, Edit and Encrypt a File
On Sun, Apr 05, 2009 at 05:36:08PM +0200, Samuel B?chler wrote:
> I store logins and passwords of some dozen of Web-Services in
> an encrypted file. I used to use kgpg to read and update this file.
>
> Some weeks ago I found on debian-security [1] the following script:
>
> #!/bin/sh
> gpg keys.gpg > /dev/null
> emacs keys
> rm keys.gpg
> gpg -r "user-ID" -e keys
> rm keys
>
> What do you guys think is this approach reasonably secure? I like
> the script above because it is rather simple.
You may want to set up your system with encrypted swap, then put /tmp on
tmpfs (so that /tmp is encrypted). Then use the libpam-tmpfile (I
think that's what it's called) so that every usere automatically gets
their own directory in /tmp as $TMP.
I use openssl to encrypt and decrypt files, and if I'm not on a system
with encrypted /home, I keep the decrypted files in $TMP.
Doug.
Reply to: