Re: Decrypt, Edit and Encrypt a File

To: debian-user@lists.debian.org
Subject: Re: Decrypt, Edit and Encrypt a File
From: "Douglas A. Tutty" <dtutty@vianet.ca>
Date: Mon, 6 Apr 2009 14:38:50 -0400
Message-id: <[🔎] 20090406183850.GB6746@blitz.hooton>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 49D8CFE8.3010306@boeser.ch>
References: <[🔎] 49D8CFE8.3010306@boeser.ch>

On Sun, Apr 05, 2009 at 05:36:08PM +0200, Samuel B?chler wrote:
> I store logins and passwords of some dozen of Web-Services in
> an encrypted file. I used to use kgpg to read and update this file.
> 
> Some weeks ago I found on debian-security [1] the following script:
> 
> #!/bin/sh
> gpg keys.gpg > /dev/null
> emacs keys
> rm keys.gpg
> gpg -r "user-ID" -e keys
> rm keys
> 
> What do you guys think is this approach reasonably secure? I like
> the script above because it is rather simple.

You may want to set up your system with encrypted swap, then put /tmp on
tmpfs (so that /tmp is encrypted).  Then use the libpam-tmpfile (I
think that's what it's called) so that every usere automatically gets
their own directory in /tmp as $TMP.

I use openssl to encrypt and decrypt files, and if I'm not on a system
with encrypted /home, I keep the decrypted files in $TMP.

Doug.

Reply to:

References:
- Decrypt, Edit and Encrypt a File
  - From: Samuel Bächler <linux@boeser.ch>

Prev by Date: Re: Debian's glacial movement--a rant
Next by Date: Re: Debian's glacial movement--a rant
Previous by thread: Re: Decrypt, Edit and Encrypt a File
Next by thread: ssh-agent: multikey
Index(es):
- Date
- Thread