Douglas A. Tutty wrote:
[snip]
There are a limited number of place where a piece of software can leak
info:
1. to /tmp:Its encrypted
2. to /var/tmp:Its encrypted
3. to somewhere on ~/ I have /home encrypted
4. left in swapits encr
Douglas A. Tutty wrote:
> On Wed, Apr 08, 2009 at 11:26:20AM -0400, H.S. wrote:
>> Douglas A. Tutty wrote:
>>> On Tue, Apr 07, 2009 at 06:17:56PM -0400, H.S. wrote:
Douglas A. Tutty wrote:
> On Tue, Apr 07, 2009 at 05:46:31PM -0400, H.S. wrote:
>> Douglas A. Tutty wrote:
>
>>> $ cat
On Wed, Apr 08, 2009 at 11:26:20AM -0400, H.S. wrote:
> Douglas A. Tutty wrote:
> > On Tue, Apr 07, 2009 at 06:17:56PM -0400, H.S. wrote:
> >> Douglas A. Tutty wrote:
> >>> On Tue, Apr 07, 2009 at 05:46:31PM -0400, H.S. wrote:
> Douglas A. Tutty wrote:
> > $ cat /proc/swaps:
> > Filename
Douglas A. Tutty wrote:
> On Tue, Apr 07, 2009 at 06:17:56PM -0400, H.S. wrote:
>> Douglas A. Tutty wrote:
>>> On Tue, Apr 07, 2009 at 05:46:31PM -0400, H.S. wrote:
Douglas A. Tutty wrote:
> Where does it hold the decrypted data? Does it stay in RAM, does it get
> swapped, does it go
On Tue, Apr 07, 2009 at 06:17:56PM -0400, H.S. wrote:
> Douglas A. Tutty wrote:
> > On Tue, Apr 07, 2009 at 05:46:31PM -0400, H.S. wrote:
> >> Douglas A. Tutty wrote:
> >>> Where does it hold the decrypted data? Does it stay in RAM, does it get
> >>> swapped, does it go to a scratch file?
> >> Thi
On 2009-04-08 00:17 +0200, H.S. wrote:
> Douglas A. Tutty wrote:
>> On Tue, Apr 07, 2009 at 05:46:31PM -0400, H.S. wrote:
>>> Douglas A. Tutty wrote:
Where does it hold the decrypted data? Does it stay in RAM, does it get
swapped, does it go to a scratch file?
>>> This might help:
>>> h
Douglas A. Tutty wrote:
> On Tue, Apr 07, 2009 at 05:46:31PM -0400, H.S. wrote:
>> Douglas A. Tutty wrote:
>>> Where does it hold the decrypted data? Does it stay in RAM, does it get
>>> swapped, does it go to a scratch file?
>> This might help:
>> http://www.easypg.org/
>
> yea, it looks like it
On Tue, Apr 07, 2009 at 05:46:31PM -0400, H.S. wrote:
> Douglas A. Tutty wrote:
> >
> > Where does it hold the decrypted data? Does it stay in RAM, does it get
> > swapped, does it go to a scratch file?
>
> This might help:
> http://www.easypg.org/
yea, it looks like it can leak info.
Doug.
Douglas A. Tutty wrote:
>
> Where does it hold the decrypted data? Does it stay in RAM, does it get
> swapped, does it go to a scratch file?
>
> Doug.
>
>
This might help:
http://www.easypg.org/
--
Please reply to this list only. I read this list on its corresponding
newsgroup on gmane.or
On Tue, Apr 07, 2009 at 11:16:37PM +0200, Samuel B?chler wrote:
> Thanks a lot to everyone!
>
> Just as a short description:
> I installed easypg. In the console environment I type `emacs keys.pgp'.
> This starts emacs and prompts for passphrase of `keys.pgp'. After entering
> the passphrase you c
Thanks a lot to everyone!
Just as a short description:
I installed easypg. In the console environment I type `emacs keys.pgp'.
This starts emacs and prompts for passphrase of `keys.pgp'. After entering
the passphrase you can edit your file with the passwords. When you are
finished with altering t
On Sun, Apr 05, 2009 at 05:36:08PM +0200, Samuel B?chler wrote:
> I store logins and passwords of some dozen of Web-Services in
> an encrypted file. I used to use kgpg to read and update this file.
>
> Some weeks ago I found on debian-security [1] the following script:
>
> #!/bin/sh
> gpg keys.gp
H.S. wrote:
>
>
> As Alex mentioned, tools exist for both vim and emacs.
>
> I have found this for vim (a vim plugin):
> http://ry.ca/blog/2008/10/transparent-editing-of-gpg-encrypted-files-in-vim/
>
> and installed easypg package for emacs. I am yet to play with them.
Better still, this is t
In case you are interested more in a feature-richer password organizer I
propose the excellent KeepassX (aptitude install keepassx).
smime.p7s
Description: S/MIME Cryptographic Signature
Samuel Bächler wrote:
> Dear Everyone
>
> I store logins and passwords of some dozen of Web-Services in
> an encrypted file. I used to use kgpg to read and update this file.
>
> Some weeks ago I found on debian-security [1] the following script:
>
> #!/bin/sh
> gpg keys.gpg > /dev/null
> emacs k
Quoting Daniel Burrows :
On Sun, Apr 05, 2009 at 05:36:08PM +0200, Samuel Bächler
was heard to say:
I store logins and passwords of some dozen of Web-Services in
an encrypted file. I used to use kgpg to read and update this file.
This isn't the answer to your question, but you might want
On Sun, Apr 05, 2009 at 05:36:08PM +0200, Samuel Bächler was
heard to say:
> I store logins and passwords of some dozen of Web-Services in
> an encrypted file. I used to use kgpg to read and update this file.
This isn't the answer to your question, but you might want to look at
the pwsafe pack
Hello,
Axel Freyn wrote:
>
> A much safer approach (using vim instead of emacs) is e.g described in
> http://www.debian.org/doc/manuals/reference/ch-gnupg.en.html, 14.4.2:
> In this way, the clear-text version is never stored on the hard-disk,
> but only kept in memory while you are editing the
On 2009-04-06 15:35 +0200, Samuel Bächler wrote:
> On Axels input I modified the script:
>
> #!/bin/sh
> gpg keys.gpg > /dev/null
> emacs keys
> rm keys.gpg
> gpg -r "user-ID" -e keys
> srm keys # *secure*rm keys
> srm keys~# *secure*rm keys~
>
> Drawback: During the time one works on the list `ke
Thanks for the inputs so far.
On Axels input I modified the script:
#!/bin/sh
gpg keys.gpg > /dev/null
emacs keys
rm keys.gpg
gpg -r "user-ID" -e keys
srm keys # *secure*rm keys
srm keys~# *secure*rm keys~
Drawback: During the time one works on the list `keys' it is readable
at `/path/to/keys'.
Hi Sämi,
> Some weeks ago I found on debian-security [1] the following script:
>
> #!/bin/sh
> gpg keys.gpg > /dev/null
> emacs keys
> rm keys.gpg
> gpg -r "user-ID" -e keys
> rm keys
>
> What do you guys think is this approach reasonably secure? I like
> the script above because it is rather sim
Dear Everyone
I store logins and passwords of some dozen of Web-Services in
an encrypted file. I used to use kgpg to read and update this file.
Some weeks ago I found on debian-security [1] the following script:
#!/bin/sh
gpg keys.gpg > /dev/null
emacs keys
rm keys.gpg
gpg -r "user-ID" -e keys
22 matches
Mail list logo
