[ale] How do you store your passwords?

Jeremy T. Bouse jeremy.bouse at undergrid.net
Mon Nov 12 16:12:51 EST 2007


    Well this does make the assumption that one you've not done your due
diligence and allowed your system to be compromised as well as that you
would leave your encrypted partition mounted if you weren't using it.
With my encrypted pendrive I remove it if I step away from my computer
for any reason, just as I enable the screen lock as well.

    With my LUKS encrypted drive I do get prompted to enter the
passphrase to decrypt it in order to get to the unencrypted filesystem
it contains. Running from a Gnome desktop it's handled automatically
without any special commands and is just as easily unmounted. The
passphrase is not saved anywhere that someone could pick it up and is
completely separate from the passphrase used on the keys stored within.

    Jeremy

Bob Toxen wrote:
> The problem with an encrypted partition is that if you normally keep it
> mounted, if anyone cracks your system's security he can see the data!
>
> With an encrypted file, the hacker first needs to crack the system and
> then wait for you to enter the passphrase (unless you use ssh-agent
> to cache passphrases).
>
> Bob
>
> On Fri, Nov 09, 2007 at 05:35:22PM -0500, Brian Pitts wrote:
>   
>> Nick Ali wrote:
>>     
>>> On Nov 9, 2007 4:46 PM, Paul Cartwright <ale at pcartwright.com> wrote:
>>>       
>>>> I can take that FILENAME.gpg, put it on my USB stick, and carry it around
>>>> safely.. I  think..
>>>>         
>>> You also need to carry the private key, which is stored in ~/.gnupg if
>>> you just created a public/private key set on your local machine. Just
>>> copy the .gnupg/ to your stick and use the --homedir option to point
>>> to it when decrypting.
>>>
>>> nick
>>>       
>> This is why I think an encrypted partition is a better solution, btw. Of 
>> course, you have to remember the password to decrypt the master key that 
>> decrypts the partition.
>>
>> http://www.saout.de/tikiwiki/tiki-index.php?page=LUKS
>>
>> -Brian
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://www.ale.org/mailman/listinfo/ale
>>     
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>   



More information about the Ale mailing list