trusted keyring storage
Fri, 17 Sep 1999 02:29:30 -0400
Hi, I was just curious as to how most *nix users store their keys. I used
to use PGP on Windows and considered it a pretty safe place to store my keys
since it was a single-user OS... until more and more security flaws became
revealed which would allow anyone to get at my keys anyway.
Now I'm running Linux and looking for a decent mechanism to store my keys,
which is also convenient, and am looking to see how everyone else finds it
easiest. I imagine the "best" way would be to just use a floppy disk and
mount it only when necessary, but I'm wondering how much trust I would be
able to put into the usual filesystem security (i.e., permissions) to
protect my keys. I'm basically the only one who uses this machine, although
I do occasionally have others (friends) log in once in a while both remotely
(I'm on a ppp dialup) and from the console.
I have taken the necessary measures regarding permissions to protect my dir,
keys, etc. and am quite familiar with security measures, but I still am a
little weary of putting keyrings on any networked machine. I guess my real
question is, "Am I being too paranoid?" :)
Thanks for any advice.