trust keys
Aditya
adityald2@gmx.net
Thu Jun 6 08:10:01 2002
This is a multi-part message in MIME format.
------=_NextPart_000_008B_01C20D36.4C8D29F0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
i think you should have seperate keys on the server and on the win2k
computer
something like this=20
encrypted email ----------->
Linux Server=20
- ----------------------------------------------------------------------
- --Win2k Comp
(private Key 1 used to encrypt =20
( private key2 is used to=20
with recipent for public key2 only ) =20
decrypt the mail on this comp )
1. generate a keypair on the linux server
2. generate a keypare on win2k comp ( or use existing keypairs )=20
3. and then use one key1 to encrypt for key key2 ( disable
encrypttoself option )
this way you dont have to worry about anyone else reading your my sql
database dump
but first you must harden your linux server carefully to minimize the
possiblity of breakin or being cracked
hope that helps
- -aditya
aditya@online.dns2go.biz
- ----- Original Message -----=20
From: akorthaus@web.de=20
To: gnupg-users@gnupg.org=20
Sent: Wednesday, June 05, 2002 6:06 PM
Subject: trust keys
Hallo!
OK, I=B4ve set the trust from that public key to marginal trust. But
now if I try to use --rescipient andreas instead of
- --default-recipient andreas, I get the following:
gzip -c zip.php | gpg -o data.gpg -a -e -r andreas
gpg: Warning: using insecure memory!
gpg: Datensicherung: skipped: public key not found
gpg: [stdin]: encryption failed: public key not found
if I use --default-recipient andreas it works. What am I making wrong
all the time?=20
An something else, I only use GPG on this Linux Server, to encrypt
ONE file, to send me every day automatically, and nobody should be
able to read it instead of me. So I don=B4t have an own privat key on
that server, to sign this puplic key. It is my public key from my
PC(other compouter, win2k), so I trust me! I only want to avoid, that
other people get the data. Or should I do something else? Isn=B4t it
very secure in this way?
Thank you very much for your help!
- -- Andreas
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
Comment: BDE6 89FE 90AE BF0B 9E48 0183 F1DD 813E 6EE0 0231
iQA/AwUBPP7Tc/HdgT5u4AIxEQIzLwCfVzbgxUHn0pCgMvN3rQRn0H8QGcQAn1gV
2deqEQtTP4yVWqtRlCMW4Ed4
=3DYSbp
-----END PGP SIGNATURE-----
________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
------=_NextPart_000_008B_01C20D36.4C8D29F0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2462.0" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>-----BEGIN PGP SIGNED =
MESSAGE-----<BR>Hash:=20
SHA1</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>i think you should have seperate keys =
on the server=20
and on the win2k<BR>computer</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>something like this=20
<BR> &nb=
sp; &nbs=
p;  =
; =20
encrypted email=20
-----------><BR> =
=20
Linux Server <BR>-=20
----------------------------------------------------------------------<BR=
>-=20
--Win2k Comp</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>(private Key 1 used to=20
encrypt =
&=
nbsp; &n=
bsp; =20
<BR> ( private =
key2 is=20
used to <BR>with recipent for public key2 only=20
) =
&=
nbsp; =20
<BR> decrypt =
the=20
mail on this comp )</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>1. generate a keypair on the linux =
server<BR>2.=20
generate a keypare on win2k comp ( or use existing keypairs ) <BR>3. and =
then=20
use one key1 to encrypt for key key2 ( disable<BR>encrypttoself option=20
)</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>this way you dont have to worry about =
anyone else=20
reading your my sql<BR>database dump<BR>but first you must harden your =
linux=20
server carefully to minimize the<BR>possiblity of breakin or being=20
cracked</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>hope that helps</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>- -aditya</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2><A=20
href=3D"mailto:aditya@online.dns2go.biz">aditya@online.dns2go.biz</A></FO=
NT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>- ----- Original Message ----- =
<BR>From: <A=20
href=3D"mailto:akorthaus@web.de">akorthaus@web.de</A> <BR>To: <A=20
href=3D"mailto:gnupg-users@gnupg.org">gnupg-users@gnupg.org</A> =
<BR>Sent:=20
Wednesday, June 05, 2002 6:06 PM<BR>Subject: trust keys</FONT></DIV>
<DIV> </DIV><FONT face=3DArial size=3D2>
<DIV><BR>Hallo!<BR>OK, I=B4ve set the trust from that public key to =
marginal=20
trust. But<BR>now if I try to use --rescipient andreas instead of<BR>-=20
--default-recipient andreas, I get the following:</DIV>
<DIV> </DIV>
<DIV>gzip -c zip.php | gpg -o data.gpg -a -e -r andreas</DIV>
<DIV> </DIV>
<DIV>gpg: Warning: using insecure memory!<BR>gpg: Datensicherung: =
skipped:=20
public key not found<BR>gpg: [stdin]: encryption failed: public key not=20
found</DIV>
<DIV> </DIV>
<DIV>if I use --default-recipient andreas it works. What am I making=20
wrong<BR>all the time? </DIV>
<DIV> </DIV>
<DIV>An something else, I only use GPG on this Linux Server, to =
encrypt<BR>ONE=20
file, to send me every day automatically, and nobody should be<BR>able =
to read=20
it instead of me. So I don=B4t have an own privat key on<BR>that server, =
to sign=20
this puplic key. It is my public key from my<BR>PC(other compouter, =
win2k), so I=20
trust me! I only want to avoid, that<BR>other people get the data. Or =
should I=20
do something else? Isn=B4t it<BR>very secure in this way?</DIV>
<DIV> </DIV>
<DIV>Thank you very much for your help!</DIV>
<DIV> </DIV>
<DIV>- -- Andreas</DIV>
<DIV> </DIV>
<DIV>-----BEGIN PGP SIGNATURE-----<BR>Version: PGPfreeware 7.0.3 for=20
non-commercial use <<A=20
href=3D"http://www.pgp.com">http://www.pgp.com</A>><BR>Comment: BDE6 =
89FE 90AE=20
BF0B 9E48 0183 F1DD 813E 6EE0 0231</DIV>
<DIV> </DIV>
<DIV>iQA/AwUBPP7Tc/HdgT5u4AIxEQIzLwCfVzbgxUHn0pCgMvN3rQRn0H8QGcQAn1gV<BR>=
2deqEQtTP4yVWqtRlCMW4Ed4<BR>=3DYSbp<BR>-----END=20
PGP SIGNATURE-----<BR></FONT></DIV><a style=3D"text-decoration: none" href=3Dhttp://www.mailtraq.com><p =
style=3D"font-size: 8pt; font-family: Verdana, sans-serif; color: =
#aaaaaa; text-decoration: none; border-color: #dddddd; border-style: =
solid; border-top-width: 1px; border-right-width: 0px; border-bottom-width: =
0px; border-left-width: 0px; line-height: 9pt">
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)</font></a></BODY></HTML>
------=_NextPart_000_008B_01C20D36.4C8D29F0--