new helper program for configuration import / export
peter at digitalbrains.com
Mon Oct 20 10:55:48 CEST 2014
On 19/10/14 22:08, Hauke Laging wrote:
> No. Why should that be better / easier than encrypting the whole
It wouldn't; I simply hadn't thought of it. In other words:
>> Or am I still not comprehending what it is you want to do?
When at some point my thoughts strayed to this mail thread, I suddenly
thought "D'Oh! Of course, it's much better to simply wrap it in a
symmetrically encrypted archive!". It seems we're on the same page again :).
> Especially as there may be other information in ~/.gnupg which you
> don't want to become public.
I proposed using a blacklist rather than a whitelist, because I suspect
useful files might later crop up. I came to realise a trade-off there
which needs to be mentioned: if you use a whitelist and miss useful
files, your backup is possibly not useful. That's bad. But if you use a
blacklist and a file is later added that compromises your security and
is included in the backup, that is a security issue. That's worse. But
this is mitigated by encrypting the whole backup with a good password.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users