GnuPG usage for automatic remote decryption

Peter Lebbing peter at digitalbrains.com
Fri Apr 6 11:27:58 CEST 2018


On 05/04/18 10:50, 周詮儒 wrote:
> Since a secret key needs a passphrase to
> use.

Let me clarify because it is not obvious: this is not the case. It is
perfectly valid to have a secret key without a passphrase. The drawback
is anyone with file access to the on-disk copy of the secret key has
full possession of it.

> Furthermore, a secret key on a remote machine isn't under enough
> protection. That may have some security issue.

Try to work this thought out in detail for yourself: it depends on your
threat model. Try to think of ways an attacker can access the file with
the secret key. Think what that attacker could do with that level of
access, even if the secret key were not available to them. Could they
perhaps still fully compromise the process? If so, does it still matter
that they can also access the private key?

It might be wise to exclude the file containing the private key from
backups, though. That avoids a whole different class of access to cold
storage. I don't back up my SSH on-disk private keys. Should one of my
systems crash and need to be restored from backup, I would generate new
SSH keys and distribute them. Perhaps in your case it would also be
better to just bite the bullet and generate new keys whenever the system
is unrecoverable.

>  * To encrypt the file by a secret key:
> 
>      This can meet my needs.

I don't think this makes sense.

A public key is inherently designed to be disseminated to anybody. The
system is designed like that; it expects public data to be non-secret.
Encrypting to the public key, if it were possible, means you intend for
anybody to be able to decrypt it. That's not encryption.

If you want to be sure that something originated from a person holding a
private key, sign it with that private key. That proves that the data
was not modified from what they intended to sign.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
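
Added example, not part of the message above and not GnuPG's own tooling: with a passphrase-less key, file access is the only barrier, so this sketch audits a GnuPG home directory for entries that group or other users can reach or that another account owns. It assumes the GnuPG 2.1+ layout, where secret keys live in `private-keys-v1.d`; the function name `audit_gnupg_home` is hypothetical.

```shell
#!/bin/sh
# Added example: audit who has file access to an unprotected secret key.
# Assumption: GnuPG 2.1+ layout, secret keys under <homedir>/private-keys-v1.d.

# audit_gnupg_home [HOMEDIR]
# Prints one line per finding.
# Returns 0 if clean, 1 if anything was found, 2 if no key directory exists.
audit_gnupg_home() {
    home=${1:-${GNUPGHOME:-$HOME/.gnupg}}
    if [ ! -d "$home/private-keys-v1.d" ]; then
        echo "no private-keys-v1.d under $home" >&2
        return 2
    fi

    # Files and directories with any group or other permission bit set.
    # Symlinks and sockets are skipped; their mode bits are not meaningful here.
    loose=$(find "$home" \( -type f -o -type d \) \
        \( -perm -040 -o -perm -020 -o -perm -010 \
           -o -perm -004 -o -perm -002 -o -perm -001 \) -print)

    # Anything not owned by the account that runs the decryption job.
    foreign=$(find "$home" ! -user "$(id -u)" -print)

    [ -z "$loose" ] ||
        printf '%s\n' "$loose" | sed 's/^/group-or-other access: /'
    [ -z "$foreign" ] ||
        printf '%s\n' "$foreign" | sed 's/^/not owned by this user: /'

    if [ -n "$loose$foreign" ]; then
        return 1
    fi
    return 0
}

# Run the audit only when a directory is given on the command line.
[ $# -eq 0 ] || audit_gnupg_home "$1"
```

The check sees POSIX mode bits and ownership only; ACLs, root on the same host, and backup copies of the directory are outside what it covers.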
