gpg on public system?
Chad Davis
cad8@dana.ucc.nau.edu
Mon Feb 5 14:11:03 2001
I am in the same situation at my university. I also do not entirely trust
our friendly admins. I carry my secring.gpg around on a floppy (with
backups at home). But, because floppies are so slow and unreliable, I
make a directory in /tmp and chmod it 700 before copying my secring.gpg
there. This might not be very safe, but most of the other partitions on
the system are NFS mounted from elsewhere. I also have that temp directory
being deleted in my .bash_logout.
>
> is there a secure way of using gpg in a more or less
> public multiuser-system - say, a university's computer pool?
>
> It might sound a little paranoid, but I don't trust the sysop's security
> measures. And beeing it an almost public computer pool with a lot of
> students, who know the system at least as well as the administrator -
> well...
>
> Up to now I am using the ~/.gnupg -directory just as usual, except the
> ~/.gnupg/secring.gpg beeing a link to a file on a removable cd-rom. I
> know, anyone who gets root acces to the machine can also read a cd-rom,
> but at least only while it is present (so the risk is a bit decreased).
>
> I'm also planning to tripwire the whole gpg-related files.
>
> Thanks,
>
> JanP
>
Chad Davis
cad8@dana.ucc.nau.edu
PGP Key ID# 6550D214 available from:
http://www.keyserver.net