[ale] How do you store your passwords?
Jerry Yu
jjj863 at gmail.com
Sat Nov 10 09:13:54 EST 2007
so far this is talking about keeping for personal use. What about for group
sharing? Are there a free/oss/commercial tools to have the following
features. GnuPG or PGP carries many of these features. Is a good wrapper
of GnuPG for this?
1. condentiality: encryption (AES, 3DES, blowfish, crypt, etc.)
2. authentication: indivual access key to the basically same file
3. authorization: grant/revoke access w/o touching the secret file(s)
4. audit: audit trail of r/w or r/o access
5. audit: version control
6. availabilty: ease of publishing or distribution
7. availability: DR (what if individual key/token get lost & what
about master key/phrase/secureID get lost)
8. integrity: mechanism to verify authenticity & integrity of the file
On Nov 9, 2007 5:35 PM, Brian Pitts <brian at polibyte.com> wrote:
> Nick Ali wrote:
> > On Nov 9, 2007 4:46 PM, Paul Cartwright <ale at pcartwright.com> wrote:
> >> I can take that FILENAME.gpg, put it on my USB stick, and carry it
> around
> >> safely.. I think..
> >
> > You also need to carry the private key, which is stored in ~/.gnupg if
> > you just created a public/private key set on your local machine. Just
> > copy the .gnupg/ to your stick and use the --homedir option to point
> > to it when decrypting.
> >
> > nick
>
> This is why I think an encrypted partition is a better solution, btw. Of
> course, you have to remember the password to decrypt the master key that
> decrypts the partition.
>
> http://www.saout.de/tikiwiki/tiki-index.php?page=LUKS
>
> -Brian
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Ale
mailing list