sbutler at fchn.com
Wed Apr 7 17:17:39 CEST 2004
Having worked as a system admin for a large newspaper company, if a critical
employee is walked out the door (or leaves) all passwords known to them (or
even presumed to be known by them) are immediately changed. Therefore, any
database of passwords they may have copied at home (even if encrypted) are
The new list is distributed as needed. If the super user password changes,
a copy is placed in the VP's office safe.
From: Atom 'Smasher' [mailto:atom-gpg at suspicious.org]
Sent: Wednesday, April 07, 2004 1:14 AM
To: gnupg-users at gnupg.org
Subject: Re: Implementation questions
-----BEGIN PGP SIGNED MESSAGE-----
> Thanks for the reply, the email being encrypted was not a huge concern,
> we would only use that for corporate communication and if the recipient
> left then the sender would know what was in the email.
1) install my public key
2) $ chmod 0 ~/.gnupg/gpg.conf
3) $ ps | gpg -ear 0x3D7D41E3
you're the sender, i'm the recipient. as the sender of that message, see
if you can decrypt it... i'll be *very* impressed if you can.
my point, here, is that you can't always count on the sender encrypting to
themself. and what if the sender and recipient both get hit by a bus?
> We were more looking along the lines of storing customer info
> (passwords) where multiple sysadmins could access/decrypt the info and
data can be ENcrypted on auto-pilot to as many keys as you want, and sent
to a file, database, etc....
> the scenario our suit likes to use "What if your all hit by a bus at the
> same time?" he would be able to decrypt the passwords and pass them on
> to the replacment team.
one of the encryption keys could belong to the boss... they never plan on
getting hit by a bus. also, you might want to print out your private key,
write out your secret password on it, put it in an envelope, and store
that in a locked safe, under control of the boss. when all of the techs
get hit by a meteorite, the new techs can recover the keys from the safe.
> Once a file is encrypted to multiple keys is there a way to remove one
> of the keys from being able to decrypt it? Sort of like revoking a key?
that's tough.... i can't think of a way to do that. even if you could
"revoke" the key, let's say one of the employees emails the database to
himself, and then gets fired: he's home with a copy of the db and his
the best thing i can think of (at 0400 hrs) to deal with that, is to have
a file/db encrypted to each employee. if an employee leaves, that file/db
can be deleted.... but it won't do any good to delete it if they already
saved their own copy ;)
PGP key - http://atom.smasher.org/pgp.txt
3EBE 2810 30AE 601D 54B2 4A90 9C28 0BBF 3D7D 41E3
"I hope we shall crush in its birth the aristocracy of our
monied corporations which dare already to challenge our
government to a trial of strength, and bid defiance to
the laws our country."
-- Thomas Jefferson, 1816
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
Comment: What is this gibberish? -
-----END PGP SIGNATURE-----
Gnupg-users mailing list
Gnupg-users at gnupg.org
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
More information about the Gnupg-users