Backup with encryption

Erwan David erwan at rail.eu.org
Fri Feb 18 01:27:57 CET 2005


Le Thu 17/02/2005, Greg Sabino Mullane disait
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> Mads wrote:
> > Greg Sabino Mullane wrote:
> > ..
> >> gpg -ca yourfile
> > ..
> >> The only thing you have to worry about then is forgetting the password.
> >
> > That would mean he would have to input a passphrase everytime he does a
> > backups, or make a script that does it for him, which could be a
> > potential security risk.
> 
> Sure, but if you have access to the script and the password, you also
> more than likely have access to the unencrypted files you are backing up,
> so the additional risk is not really there. A possibly better "best of both
> worlds" way is to simply create a private/public keypair just for the
> backups, handled with different security requirements than your personal
> key.

for backup you only need the public key, so no problem to let a script use it.
I doubt you do unattented recovery, so you can handle your private key as usual
in this case.

-- 
Erwan



More information about the Gnupg-users mailing list