Michael D. Setzer II:
> dnf install /usr/bin/clean-rpm-gpg-pubkey
Installed it.
> /usr/bin/clean-rpm-gpg-pubkey --dry-run
Did a test run, that should show you what it would do, but not actually
do it (that dry-run option)
> /usr/bin/clean-rpm-gpg-pubkey
Actually ran it.
> When I ran it cleane
> On 28 May 2025, at 12:08, Michael D. Setzer II wrote:
>
> Don't know what encryption subkeys are??
They are a GPG concept. A key can have sub keys.
I'm guessing the message means that all the sub keys of all keys we
On 28 May 2025 at 8:48, Barry wrote:
From: Barry
Subject:Re: Getting "gpg: WARNING: No valid encryption
subkey left over."
sometimes running dnf
Date sent: Wed, 28 May 2025 08:48:14 +0100
To: mi...@guam.
> On 28 May 2025, at 05:55, Michael D. Setzer II via users
> wrote:
>
> How would one correct this warning??
What rpm was being installed when you got this errror?
Is it a Fedora rpm? Or from a third party?
Barry
--
___
users mailing list -- users
How would one correct this warning??
Thanks.
++
Michael D. Setzer II - Computer Science Instructor (Retired)
mailto:mi...@guam.net
mailto:msetze...@gmail.com
mailto:msetze...@gmx.com
Guam - Where Am
Roger Heflin wrote:
> I am not sure what version mine last worked on. I would guess the
> default changed on 39 or 40.
>
> What fixed it for me (type plain password from stdin) was adding
> --hash ripemd160 (they appear to have changed the default hash, BAD
> developer).
>
> Guessing related to
at 8:35 PM Jeffrey Walton wrote:
>
> On Thu, Nov 7, 2024 at 8:03 PM Roger Heflin wrote:
> >
> > The encryption defaults changed sometime recently.
>
> I don't see the change documented at
> <https://fedoraproject.org/wiki/Releases/41/ChangeSet> or
> <
On Thu, Nov 7, 2024 at 8:03 PM Roger Heflin wrote:
>
> The encryption defaults changed sometime recently.
I don't see the change documented at
<https://fedoraproject.org/wiki/Releases/41/ChangeSet> or
<https://docs.fedoraproject.org/en-US/fedora/latest/release-notes/&g
The encryption defaults changed sometime recently.
The defaults cryptsetup command I had in a script stopped mount my
encrypted filesystem until I did a bunch of research and found out
what parameters needed to be specified to match the prior default.
If you want to try what I found out reply
> On 5 Nov 2024, at 23:04, richard emberson wrote:
>
> So, my question, is it possible to remove the encryption on a disk
> in maintenance mode. If one can, then, maybe, I might be able to login
> into my media server.
I suggest that you boot from a fedora install usb and then
graphical interface.
You can't remove disc encryption without re-writing every bit of data
stored on the disc. When using an encrypted disc the system is
decrypting the data on the fly, it's always encrypted on the disc.
Are you sure you want to do that, or simply access the encryp
oard layout/language. It is possible for the
command line (purely textual interface) to be different from the
graphical interface.
You can't remove disc encryption without re-writing every bit of data
stored on the disc. When using an encrypted disc the system is
decrypting the data on the
I tried to upgrade 3 different machine from 40 to 41. All older that boot with
/boot/efi.
Two machines were laptops and one machine was a desktop media server.
All three failed the same way.
The disk decryption mechanism did not work. Same error message generated.
If I had to guess, I believe th
One must enter the encryption passphrase before you get to select what kernel
to load.
On 11/5/24 3:44 PM, Jonathan Billings wrote:
But more importantly, have you tried booting older kernels in GRUB2 on
boot? It’s possible (albeit unlikely) that the new kernel was built with
broken
Early in Maintenance Mode I tested the keyboard and typed in the passphrase,
twice, and it appeared on the screen correctly.
On 11/5/24 6:17 PM, Tim via users wrote:
On Tue, 2024-11-05 at 18:44 -0500, Jonathan Billings wrote:
Sometimes it’s a broken keyboard.
Oh the fun (not) of trying to log
On Tue, 2024-11-05 at 18:44 -0500, Jonathan Billings wrote:
> Sometimes it’s a broken keyboard.
Oh the fun (not) of trying to login with a crappy laptop keyboard. You
can't see what characters are being typed, so you have zero clues about
what's going wrong...
On older releases I could switch on
On Nov 5, 2024, at 18:04, richard emberson wrote:
>
> So, my question, is it possible to remove the encryption on a disk
> in maintenance mode. If one can, then, maybe, I might be able to login
> into my media server.
So, if I’m reading this right, you updated to Fedora 41 and n
, upon reboot, the luks encryption password failed to work with message:
Warning: /dev/disk/by-uuid/d0696 does not exist
Generating "/run/initramfs/rdsosreport.txt"
Entering emergency mode. Exit shell to continue.
Type "journalctl" to view system logs.
Yo
François Patte wrote:
> What could be helpfull would be to tell people how to create a SHA2
> signature key
>
> I have a ssh connexion problem after upgrading a remote machine to f38 and
> it is hard to find out what to do to solve the problem.
>
> I succeeded (at last!):
>
> ssh-keygen -t r
Le 2023-08-14 21:16, Todd Zullinger a écrit :
Mike Wright wrote:
Hi all,
I recall a discussion that may have said RSA was not being accepted in
f38
and a different type was being preferred, possibly ecdsa?
It's only old RSA1 keys which use SHA1 which are not
accepted by default. RSA keys w
On 8/14/23 12:16, Todd Zullinger wrote:
Mike Wright wrote:
Hi all,
I recall a discussion that may have said RSA was not being accepted in f38
and a different type was being preferred, possibly ecdsa?
It's only old RSA1 keys which use SHA1 which are not
accepted by default. RSA keys which use
Mike Wright wrote:
> Hi all,
>
> I recall a discussion that may have said RSA was not being accepted in f38
> and a different type was being preferred, possibly ecdsa?
It's only old RSA1 keys which use SHA1 which are not
accepted by default. RSA keys which use a SHA2 algorithm
are perfectly acce
Hi all,
I recall a discussion that may have said RSA was not being accepted in
f38 and a different type was being preferred, possibly ecdsa?
Can anybody point me to that? (date or subject would help me search)
I generated an ECDSA pair. The public key seems awfully short.
Thanks
___
Here's some interesting reading. "On the security of the Linux disk
encryption LUKS," https://dys2p.com/en/2023-05-luks-security.html:
Background
On April 17, 2023 Matthew “mjg59” Garrett published an appeal to
change the key derivation function (KDF) of LUKS-encrypted volumes:
PS
On 4/22/2023 6:52 AM, Patrick O'Callaghan wrote:
On Fri, 2023-04-21 at 17:21 -0400, Go Canes wrote:
On Fri, Apr 21, 2023 at 5:17 PM Robert Nichols
wrote:
And no, I don't have a clean solution for keeping encrypted backups
in the cloud. I do believe that my current backup method (rdiff-
backup
On Fri, 2023-04-21 at 17:21 -0400, Go Canes wrote:
> On Fri, Apr 21, 2023 at 5:17 PM Robert Nichols
> wrote:
> > And no, I don't have a clean solution for keeping encrypted backups
> > in the cloud. I do believe that my current backup method (rdiff-
> > backup-2.2.4-2.fc37) is incompatible with th
Methinks that better than having a program try to get
128 bits out of 20 bits is to start with 128 bits.
This is especially true if one's opponent is a government[*].
At 6 bits per character,
128 bits can be expressed as 22 characters.
Put the output of uuidgen -r through a filter to get 22 charct
On Fri, Apr 21, 2023 at 2:35 PM Bill C wrote:
>
> I thought about putting everything on an encrypted ext4 filesystem. Maybe
> compressing it and uploading. Kind of a complicated way to do it, but might
> work.
Perhaps you can setup a SAN locally, and backup to your own SAN. For
backup software,
On Fri, Apr 21, 2023 at 5:17 PM Robert Nichols
wrote:
> And no, I don't have a clean solution for keeping encrypted backups in the
> cloud. I do believe that my current backup method (rdiff-backup-2.2.4-2.fc37)
> is incompatible with that.
Don't know if it qualifies as a "clean solution" as it
On 4/21/23 13:35, Bill C wrote:
I thought about putting everything on an encrypted ext4 filesystem. Maybe
compressing it and uploading. Kind of a complicated way to do it, but might
work.
The problem is that you can't do incremental updates or keep incremental
history. You really don't want
I thought about putting everything on an encrypted ext4 filesystem. Maybe
compressing it and uploading. Kind of a complicated way to do it, but might
work.
On Fri, Apr 21, 2023, 3:23 AM Andras Simon wrote:
> 2023-04-21 1:36 UTC+02:00, Robert Nichols :
> > On 4/20/23 14:08, Andras Simon wrote:
>
2023-04-21 1:36 UTC+02:00, Robert Nichols :
> On 4/20/23 14:08, Andras Simon wrote:
>> 2023-04-20 19:41 UTC+02:00, Bill C :
>>> Yes but I am afraid too of encrypting something and then losing the key.
>>> Something that isn't going away, we all have that issue.
>>
>> If you store these files unencr
On 4/20/23 14:08, Andras Simon wrote:
2023-04-20 19:41 UTC+02:00, Bill C :
Yes but I am afraid too of encrypting something and then losing the key.
Something that isn't going away, we all have that issue.
If you store these files unencrypted on your computer (besides having
their encrypted ver
2023-04-20 19:41 UTC+02:00, Bill C :
> Yes but I am afraid too of encrypting something and then losing the key.
> Something that isn't going away, we all have that issue.
If you store these files unencrypted on your computer (besides having
their encrypted version in the cloud), you may as well st
, at 18:06, Bill C wrote:
>> >
>> >
>> > I do som uploading to online storage providers but I concerned about
>> > security. Does anyone who does this use any particular type of security or
>> > encryption.
>>
>> I would assume that once
g to online storage providers but I concerned about
> security. Does anyone who does this use any particular type of security or
> encryption.
>
> I would assume that once uploaded you must assume that the file will get
> into the wrong hand.
>
> You could encrypt files before upl
curity. Does anyone who does this use any particular type of security or
> encryption.
>
> There are different schemes used, depending on the storage provider.
> You would need to look at the Security Architecture (SecArch) document
> to determine exactly what is going on.
>
&g
> On 20 Apr 2023, at 18:06, Bill C wrote:
>
>
> I do som uploading to online storage providers but I concerned about
> security. Does anyone who does this use any particular type of security or
> encryption.
I would assume that once uploaded you must assume that the
On Thu, Apr 20, 2023 at 1:06 PM Bill C wrote:
>
> I do som uploading to online storage providers but I concerned about
> security. Does anyone who does this use any particular type of security or
> encryption.
There are different schemes used, depending on the storage provider.
Yo
I do som uploading to online storage providers but I concerned about
security. Does anyone who does this use any particular type of security or
encryption.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le
On Wed, 19 Apr 2023 07:53:33 +0200
Andreas Fournier wrote:
> I just read this article about weaknesses in Linux disk encryption
> https://mjg59.dreamwidth.org/66429.html
> and wonder how it applies to Fedora?
> Can the instructions in the article be applied to a Fedora
> installat
On Wed, 2023-04-19 at 07:53 +0200, Andreas Fournier wrote:
> I just read this article about weaknesses in Linux disk encryption
> https://mjg59.dreamwidth.org/66429.html
> and wonder how it applies to Fedora?
To be honest, I've always considered encryption of drives to *probab
I just read this article about weaknesses in Linux disk encryption
https://mjg59.dreamwidth.org/66429.html
and wonder how it applies to Fedora?
Can the instructions in the article be applied to a Fedora
installation?
___
users mailing list -- users
On Apr 16, 2023, at 08:01, Christian Stadelmann
wrote:
> What does USBGuard have to do with encryption? As far as I know, USBGuard is
> used for blocking unwanted USB devices. You can have disk encryption with or
> without USBGuard (or the other way round). You can install us
What does USBGuard have to do with encryption? As far as I know, USBGuard is
used for blocking unwanted USB devices. You can have disk encryption with or
without USBGuard (or the other way round). You can install usbguard on
workstation if you want. It is a bit tricky to setup though,as you can
Hi,
I think it would be an interesting option to have USBGuard integrated as part
of the Workstation, and have "hardening" option to the kernel too at install
together with encryption?
___
users mailing list -- users@lists.fedoraproj
Robert Nichols wrote:
> On 9/24/22 9:31 PM, Tim via users wrote:
>> On Sat, 2022-09-24 at 11:14 -0500, Robert Nichols wrote:
>>> If you follow the recommendation to fill the device with
>>> random data first
>>
>> When was that ever recommended, and where?
>>
>> While a logical thing to do, I've
> On 25 Sep 2022, at 04:42, Robert Nichols wrote:
>
> On 9/24/22 9:31 PM, Tim via users wrote:
>> On Sat, 2022-09-24 at 11:14 -0500, Robert Nichols wrote:
>>> If you follow the recommendation to fill the device with random data first
>> When was that ever recommended, and where?
>> While a logi
On 9/24/22 9:31 PM, Tim via users wrote:
On Sat, 2022-09-24 at 11:14 -0500, Robert Nichols wrote:
If you follow the recommendation to fill the device with random data first
When was that ever recommended, and where?
While a logical thing to do, I've never seen anything or anyone ever
say that
On Sat, 2022-09-24 at 11:14 -0500, Robert Nichols wrote:
> If you follow the recommendation to fill the device with random data first
When was that ever recommended, and where?
While a logical thing to do, I've never seen anything or anyone ever
say that.
--
uname -rsvp
Linux 3.10.0-1160.76.
On 9/24/22 9:47 AM, Mgr. Janusz Chmiel wrote:
Dear specialists,
I would like to know, if enabling encryption of Fedora installation in
Anaconda installer will dramatically short The life cycle of SSD disk or USB
flash drives or SSD memory cart?
By other words. Does enabling encryption
On Sat, Sep 24, 2022 at 11:48 AM Mgr. Janusz Chmiel
wrote:
> Dear specialists,
>
> I would like to know, if enabling encryption of Fedora installation
> in Anaconda installer will dramatically short The life cycle of SSD disk
> or USB flash drives or SSD memory cart?
>
Th
Dear specialists,
I would like to know, if enabling encryption of Fedora installation
in Anaconda installer will dramatically short The life cycle of SSD disk
or USB flash drives or SSD memory cart?
By other words. Does enabling encryption enforces much more write
requests on file
95988| | Room# D114A
===
> Sent: Thursday, July 21, 2022 at 11:52 PM
> From: "Ranjan Maitra"
> To: "Community support for Fedora users"
> Subject: Re: encryption
>
> How was your previous /
How was your previous /home encryption set up? I have always used LUKS.
If you want to set up an encrypted filesystem from scratch, then you simply
check a box there which says Encryption/Encrypted (don't recall which), then
when you click Done or something, it will ask for a passphrase
===
> Sent: Thursday, July 21, 2022 at 5:33 PM
> From: "Ranjan Maitra"
> To: "Community support for Fedora users"
> Subject: Re: encryption
>
> I am not probably being helpful here, but during installation, did you do
> Cust
| | Room# D114A
===
> Sent: Thursday, July 21, 2022 at 5:33 PM
> From: "Ranjan Maitra"
> To: "Community support for Fedora users"
> Subject: Re: encryption
>
> I am not p
I am not probably being helpful here, but during installation, did you do
Custom partition. If so, you should have been able to mount the "old" /home as
an encrypted partition once you satisfactorily answered the passphrase question.
That is what I do. All my laptop /home's are encrypted by empl
On Wed, 2019-10-30 at 01:32 +, Eric Smith wrote:
> Upgrading the BIOS to a version with new AMD Ryzen microcode solved the
> problem.
When replying via HyperKitty please follow long-standing practice and
quote the context as HK doesn't do this by default.
poc
___
Upgrading the BIOS to a version with new AMD Ryzen microcode solved the problem.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraprojec
the same problem I'm reporting.
That problem was apparently RDRAND related, and is fixed in the version of
systemd in F31. If I install F31RC1.9 on the Ryzen 7 3800X _without_ filesystem
encryption, it installs and boots just fine.
___
users
> Questions about F31 should be directed to the Fedora Test list.
Sorry, since F31RC1.9 was approved for release, it hadn't occurred to me to
post to the test list. However, I have done so now.
___
users mailing list -- users@lists.fedoraproject.org
To
nstall to my "disk" (M.2 NVMe), if file
> system encryption is enabled, it hangs at "Creating luks on
> /dev/nvme0n1p6". I let it sit there for 20 minutes with no progress
> made.
>
> If I install with file system encryption disabled, it i
On Sun, 2019-10-27 at 20:22 -0600, Eric Smith wrote:
> I have a new Ryzen 7 3800X system, and since Fedora 30 won't install on
> that, I tried Fedora 31 RC1.9 Workstation Live. That boots up fine, but
> when I try to install to my "disk" (M.2 NVMe), if file system encryptio
I have a new Ryzen 7 3800X system, and since Fedora 30 won't install on
that, I tried Fedora 31 RC1.9 Workstation Live. That boots up fine, but
when I try to install to my "disk" (M.2 NVMe), if file system encryption is
enabled, it hangs at "Creating luks on /dev/nvme0n1p6"
h geany" and scanned the
>> results. Or made a guess and did
>> "dnf search geany | grep encr".
> In this case (geany), you would have to have known about an obscurely
> related package, in the first place. Though a generic search against a
> keyword like encrypt
Tim:
>> If you do "dnf search all pgp" the search goes beyond just the
>> name. But you'd still want to do a search for gnupg, as well.
>> Maybe gpg, too.
Ed Greshko:
> Well, sadly
>
> [egreshko@meimei ~]$ dnf search all pgp | grep geany
> [egreshko@meimei ~]$
> [egreshko@meimei ~]$ dnf sear
On 8/10/19 11:29 AM, Tim via users wrote:
> On Fri, 2019-08-09 at 09:42 -0400, Robert Moskowitz wrote:
>> Ah, I was looking for a plugin that had pgp in its name.
> If you do "dnf search all pgp" the search goes beyond just the name.
> But you'd still want to do a search for gnupg, as well. Maybe
On Fri, 2019-08-09 at 09:42 -0400, Robert Moskowitz wrote:
> Ah, I was looking for a plugin that had pgp in its name.
If you do "dnf search all pgp" the search goes beyond just the name.
But you'd still want to do a search for gnupg, as well. Maybe gpg,
too.
--
[tim@localhost ~]$ uname -rsvp
L
On 8/9/19 9:16 AM, Jon Ingason wrote:
Den 2019-08-09 kl. 14:53, skrev Robert Moskowitz:
On 8/9/19 8:38 AM, Ed Greshko wrote:
Oops, resending to list.
Well, google told me
https://plugins.geany.org/geanypg.html
As there is no rpm for it, it looks like I would have to build it myself
Den 2019-08-09 kl. 14:53, skrev Robert Moskowitz:
>
>
> On 8/9/19 8:38 AM, Ed Greshko wrote:
>> Oops, resending to list.
>>
>> Well, google told me
>>
>> https://plugins.geany.org/geanypg.html
>
> As there is no rpm for it, it looks like I would have to build it myself:
>
> https://plugin
On 8/9/19 8:38 AM, Ed Greshko wrote:
Oops, resending to list.
On 8/9/19 8:29 PM, Robert Moskowitz wrote:
On 8/9/19 2:31 AM, Frederic Muller wrote:
I didn't expect this, but passwordstore.org is actually a great
general-purpose notebook-style application. It's intended (and I do
use it) as
Oops, resending to list.
On 8/9/19 8:29 PM, Robert Moskowitz wrote:
>
>
> On 8/9/19 2:31 AM, Frederic Muller wrote:
>>> I didn't expect this, but passwordstore.org is actually a great
>>> general-purpose notebook-style application. It's intended (and I do
>>> use it) as a password manager. It's d
On 8/9/19 2:31 AM, Frederic Muller wrote:
I didn't expect this, but passwordstore.org is actually a great
general-purpose notebook-style application. It's intended (and I do
use it) as a password manager. It's designed to be super UNIXy, so
basically the ``pass`` command creates a directory fo
> I didn't expect this, but passwordstore.org is actually a great
> general-purpose notebook-style application. It's intended (and I do
> use it) as a password manager. It's designed to be super UNIXy, so
> basically the ``pass`` command creates a directory for its files (the
> location is configu
> Frederic Muller wrote:
>
> > Does anyone have any suggestion for such a "simple" text editor?
>
> Simple, probably not, but emacs can probably do anything. I'm
> sure it must have a pgp module, but I've never needed
> encryption.
> ___
On Thu, 8 Aug 2019 15:55:09 +0700
Frederic Muller wrote:
> Does anyone have any suggestion for such a "simple" text editor?
Simple, probably not, but emacs can probably do anything. I'm
sure it must have a pgp module, but I've
Hi!
I've been using Gjots2 for the above and am very happy with it... except
that the last release no longer support asking for the PGP passphrase
when opening an encrypted file. I did get a patch here (thank you very
much), I also did file a bug but get tired of compiling or using an
older packag
;Patrick Dupre"
> To: fedora
> Subject: encryption
>
> Hello,
>
> I am lost. You may help me.
> I have 2 questions in 1
>
> I copy an encrypted "folder" from one disk to another one (by using tar)
> How can recover it?
>
> Actually, I do not remembe
Hello,
I am lost. You may help me.
I have 2 questions in 1
I copy an encrypted "folder" from one disk to another one (by using tar)
How can recover it?
Actually, I do not remember how I do create this encrypted folder.
I cannot find the instruction
Typical to mount it, I just did:
encfs /home/pd
On Fri, Jan 15, 2016 at 1:52 AM, Chris Murphy wrote:
> Slightly off topic: Android and Cyanogenmod have an encryption option, it
> converts the user data volume in place, and its reversible.
>
> Does anyone know what they're leveraging to do this? If it were only in
> Goog
On 01/15/2016 11:52 AM, Roberto Ragusa wrote:
On 01/15/2016 04:58 PM, Robert Nichols wrote:
3. Copy the decrypted data directly back to the partition at the
correct offset (4096 sectors assumed here):
dd if=/dev/mapper/mysource bs=$((4096*512)) of=/dev/sda1 seek=1
4. Adjust the partit
> On 01/14/2016 06:40 PM, Jeffrey Ross wrote:
>> I installed Fedora 23 on a Laptop a while back and I decided to use disk
>> encryption. At this point I find the disk encryption to be more of a
>> hindrance and would like to remove it.
>>
>> Am I correct that it m
On 01/15/2016 04:58 PM, Robert Nichols wrote:
> 3. Copy the decrypted data directly back to the partition at the
>correct offset (4096 sectors assumed here):
> dd if=/dev/mapper/mysource bs=$((4096*512)) of=/dev/sda1 seek=1
> 4. Adjust the partition table to add 4096 sectors to the starti
On 01/14/2016 08:40 PM, Jeffrey Ross wrote:
I installed Fedora 23 on a Laptop a while back and I decided to use disk
encryption. At this point I find the disk encryption to be more of a
hindrance and would like to remove it.
Am I correct that it may simply be easier to re-install the system
Slightly off topic: Android and Cyanogenmod have an encryption option, it
converts the user data volume in place, and its reversible.
Does anyone know what they're leveraging to do this? If it were only in
Google's Android I might guess it's one of those proprietary parts, but
it&
I think you can get rid of disk encryption using luksipc.
Here is what I did when I had to do the reverse process:
https://lists.fedoraproject.org/pipermail/users/2015-December/467195.html
Not completely sure it will help, but I think luksipc should have the potential
to work.
Best wishes
On 01/14/2016 06:40 PM, Jeffrey Ross wrote:
I installed Fedora 23 on a Laptop a while back and I decided to use disk
encryption. At this point I find the disk encryption to be more of a
hindrance and would like to remove it.
Am I correct that it may simply be easier to re-install the system
I installed Fedora 23 on a Laptop a while back and I decided to use disk
encryption. At this point I find the disk encryption to be more of a
hindrance and would like to remove it.
Am I correct that it may simply be easier to re-install the system
rather than try to remove the encryption or
* Bill Oliver:
> Is there anything like that for fedora?
There is some work on TPM support for LUKS. I don't know if it has
made its way into Fedora, though.
> It would probably be pretty easy to hack the gpg source code to add
> a few lines to append system information to the passphrase, but i
*and* the
> > passphrase is compromised. I want the data on the flash drive
to be
> > available *only on one computer* even if the passphrase is known.
> > If you don't need to decrypt data in the field, you can use
public key > encryption. You won't be able
. I want the data on the flash drive to be
> > available *only on one computer* even if the passphrase is known.
>
> If you don't need to decrypt data in the field, you can use public key
> encryption. You won't be able to decrypt the data without the private
> ke
ypt data in the field, you can use public
key encryption. You won't be able to decrypt the data without the
private key. (Which you wouldn't have with you or the flash drive.)
TPMs provide a way to keep a secret on a computer that can't easily
be extracted (otherwise you could
lf is encrypted.
Now let's say that flash drive is stolen, lost, etc. *and* the
passphrase is compromised. I want the data on the flash drive to be
available *only on one computer* even if the passphrase is known.
If you don't need to decrypt data in the field, you can use public key
In addition to any other solution you end up using, consider
self-encrypting drives (SED); for instance:
http://www.computerweekly.com/feature/Self-encrypting-drives-SED-the-best-kept-secret-in-hard-drive-encryption-security
G'luck,
--
Dave Ihnat
dih...@dminet.com
--
uter* even if the passphrase is known.
If you don't need to decrypt data in the field, you can use public
key encryption. You won't be able to decrypt the data without the
private key. (Which you wouldn't have with you or the flash drive.)
NOBODY encrypts lots of data with asymme
't need to decrypt data in the field, you can use public
key encryption. You won't be able to decrypt the data without the
private key. (Which you wouldn't have with you or the flash drive.)
NOBODY encrypts lots of data with asymmetric cryptography. Rather,
using RSA say, yo
tself is encrypted.
Now let's say that flash drive is stolen, lost, etc. *and* the
passphrase is compromised. I want the data on the flash drive to be
available *only on one computer* even if the passphrase is known.
If you don't need to decrypt data in the field, you can use public
h drive is stolen, lost, etc. *and* the
passphrase is compromised. I want the data on the flash drive to be
available *only on one computer* even if the passphrase is known.
If you don't need to decrypt data in the field, you can use public key
encryption. You won't be able to decrypt
On 11/26/2014 05:06 PM, Joe Zeff wrote:
On 11/26/2014 01:58 PM, Bill Oliver wrote:
Then I'd rely on decrypted backups, which are stored under physical lock
and key. Or, if necessary, I'd simply go back to the client and get the
data again. I do that a lot with paper files, since I burn them wh
1 - 100 of 200 matches
Mail list logo
