gnupg at ml0402.albert.uni.cc
Tue Mar 30 13:09:20 CEST 2004
Am Montag, 29. März 2004 15:29 schrieb nobrain:
> I routinely generate backups as follows:
> tar -c F | gpg --symmetric > E
I use this:
tar -cvf "$backup" "$backupdir"
echo "$mantra" | gpg --quiet --no-tty --pgp8 --batch --passphrase-fd
0 --charset iso-8859-15 --force-mdc --no-secmem-warning --symmetric
--output "$backup".gpg "backup"
I am not sure, if it is a good idea to do everything in 1 pipe.
Maybe the compression, which is important for encrypting, works
better, if you do it than I do.
> Should I be encrypting only the files that need
> to be kept secret rather than the whole of F?
I think so. I give every folder a special "sign" at the end, to
decide, if it should be encrpyted.
> Should I be using a different passphrase
> for each backup?
You can create a dynamic password, which you know only. Of course I
can't tell you what I do, but you can do some calculations with the
time of a file, or use the md5sum of a certain line of a plain text
file, a.s.o. Be careful with md5sum/sha1sum, if you like to decrypt
on a different os.
> Should I be using assymmetric encryption
It depends on your needs. IMO it is a question of worst case. If you
loose everything it is easier to access with a passphrase.
More information about the Gnupg-users