Is it safe to put an encrypted file on a public web server

Dion Moult dion at
Wed Nov 11 17:00:47 CET 2009


I would recommend putting it below the document root of the webserver for 
added security - you really don't want crawlers easily discovering it.

On Wednesday 11 November 2009 20:13:33 Morten Kjærulff wrote:
> Hi,
> I am new here, so sorry if I ask stupid questions.
> I would like to use my unused storage on various web servers for
> backup of my personal data, including the file with all my passwords.
> Q1) Assume that I make a good passphrase, would it then be safe to
> encrypt my backup with "gpg --symmetric ...", and put the backup where
> anyone can get it?
> man page for --symmetric say: "... The  default symmetric  cipher
> used  is  CAST5,  but  may be chosen with the --cipher-algo option.
> ...". "gpg --version" says:
> Home: ~/.gnupg
> Supported algorithms:
> Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
> Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
> Compression: Uncompressed, ZIP, ZLIB, BZIP2
> Q2) Why would I use another cipher?
> Q3) Are some ciphers stronger than others? If so, which is the best
> for my purpose? (is it purpose dependent which is best?)
> Cheers,
> Morten
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at

Dion Moult :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20091112/cc950de6/attachment.pgp>

More information about the Gnupg-users mailing list