auto sign files
Thomas Sjögren
thomas at northernsecurity.net
Tue Jan 18 13:47:44 CET 2005
On Tue, Jan 18, 2005 at 12:33:18PM +0000, Neil Williams wrote:
> Just reading the script will be enough to identify
> the passphrase. Therefore automated signatures give a FALSE sense of
> security. As soon as the machine is compromised, the script is readable, the
> key identifiable, the passphrase known. oops.
Not supporting automating signatures but SHC[1] might be worth checking
out. LinuxSecurity.com got an article[2] about it as well.
[1] http://www.datsi.fi.upm.es/%7Efrosal/sources/shc.html
[2] http://www.linuxsecurity.com/content/view/117920/49/
/Thomas
--
== Encrypted e-mails preferred | GPG KeyID: 114AA85C
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: Digital signature
Url : /pipermail/attachments/20050118/164a0502/attachment.pgp
More information about the Gnupg-users
mailing list