Is it safe to put an encrypted file on a public web server
Dion Moult
dion at thinkmoult.com
Wed Nov 11 17:00:47 CET 2009
Hello,
I would recommend putting it below the document root of the webserver for
added security - you really don't want crawlers easily discovering it.
On Wednesday 11 November 2009 20:13:33 Morten Kjærulff wrote:
> Hi,
>
> I am new here, so sorry if I ask stupid questions.
>
> I would like to use my unused storage on various web servers for
> backup of my personal data, including the file with all my passwords.
>
> Q1) Assume that I make a good passphrase, would it then be safe to
> encrypt my backup with "gpg --symmetric ...", and put the backup where
> anyone can get it?
>
> man page for --symmetric say: "... The default symmetric cipher
> used is CAST5, but may be chosen with the --cipher-algo option.
> ...". "gpg --version" says:
>
> Home: ~/.gnupg
> Supported algorithms:
> Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
> Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
> Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
> Compression: Uncompressed, ZIP, ZLIB, BZIP2
>
> Q2) Why would I use another cipher?
>
> Q3) Are some ciphers stronger than others? If so, which is the best
> for my purpose? (is it purpose dependent which is best?)
>
> Cheers,
> Morten
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
--
Dion Moult :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20091112/cc950de6/attachment.pgp>
More information about the Gnupg-users
mailing list