Perl, GPG, and --passphrase-fd

Frank Tobin ftobin@uiuc.edu
Sun Jun 10 18:41:01 2001


Christopher Maujean, at 14:39 on Thu, 7 Jun 2001, wrote:

    umm, correct me if I'm wrong, but doesn't hardcoding the passphrase in a
    text file somewhere Completely break, destroy, invalidate, and otherwise
    mangle the whole point of encryption?


No, it doesn't.  Having a passphrase protect a secret key merely helps the
security of the secret key, and is only possible when an external entity
(e.g., a human user) needs access to the key.  If two machines are trying
to keep secrets (e.g., ipsec), then of course, the secret key will not be
protected by a passphrase that is as secure.

-- 
Frank Tobin		http://www.uiuc.edu/~ftobin/