Protect pubring.gpg and secring.gpg
xploiting at hotmail.com
Fri Sep 5 23:16:10 CEST 2008
uhmm, i see...
and would I to encrypt the secring.gpg file?
This form, if they intercept my passphrase (with a keylogger for example), they wouldn´t nothing to do.
It´s a goog idea encrypt secring.gpg file?
Go Vegan!My personal blogsite: http://informativolibre.blogspot.com/
My vegan blogsite: http://veganismoenlared.blogspot.com/
> Date: Fri, 5 Sep 2008 16:27:13 -0400
> From: faramir.cl at gmail.com
> To: gnupg-users at gnupg.org
> Subject: Re: Protect pubring.gpg and secring.gpg
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> David Vegano escribió:
> > Hello, i´m a new member of list, and i have a doubt.
> Hello David, welcome!
> > Can someone to obtain my pass from the files pubring.gpg and secring.gpg??
> I don't think so, remember the pass is to protect your private keys
> (stored in your secring.gpg)... so what you should be worried about is
> if they can access the keys... the pass is just the lock you use to
> protect them. The thing you use to encrypt or decrypt, it is the key,
> not the pass.
> And the pubring is "public"... (Maybe you don't want people knowing if
> you have locally signed some public keys, but other than that, there is
> not "private" info in the pubring, as far as I know).
> > If this possible, how would I protecte these files?
> First, don't use a password, use a passphrase (it's the same thing as
> a password, but it is composed of several words, and numbers, and it is
> better if the words can't be obtained from a dictionary). I mean, don't
> use "Enterprise" as the pass, use something like
> "TheEnterpriseIsTheBestSpaceship". But all those words can be found in a
> dictionary, and I didn't use any number... so that is not a good
> passphrase, it is just an example.
> Anyway, you are in the right path, the passphrase is your last defense
> to protect your keys, the idea is to don't let strange people to have
> access to the files... And I don't know how to protect them, without
> knowing if you share your computer with somebody, what operating system
> you are using, and all that info.
> Best Regards
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> -----END PGP SIGNATURE-----
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
Express yourself instantly with MSN Messenger! Download today it's FREE!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users