[ale] How do you store your passwords?

Bob Toxen transam at verysecurelinux.com
Mon Nov 12 16:00:32 EST 2007


The problem with an encrypted partition is that if you normally keep it
mounted, if anyone cracks your system's security he can see the data!

With an encrypted file, the hacker first needs to crack the system and
then wait for you to enter the passphrase (unless you use ssh-agent
to cache passphrases).

Bob

On Fri, Nov 09, 2007 at 05:35:22PM -0500, Brian Pitts wrote:
> Nick Ali wrote:
> >On Nov 9, 2007 4:46 PM, Paul Cartwright <ale at pcartwright.com> wrote:
> >>I can take that FILENAME.gpg, put it on my USB stick, and carry it around
> >>safely.. I  think..
> >
> >You also need to carry the private key, which is stored in ~/.gnupg if
> >you just created a public/private key set on your local machine. Just
> >copy the .gnupg/ to your stick and use the --homedir option to point
> >to it when decrypting.
> >
> >nick
> 
> This is why I think an encrypted partition is a better solution, btw. Of 
> course, you have to remember the password to decrypt the master key that 
> decrypts the partition.
> 
> http://www.saout.de/tikiwiki/tiki-index.php?page=LUKS
> 
> -Brian
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale



More information about the Ale mailing list