Hey all,
This is not a gentoo-specific question, but I figure there's probably people
knowledgeable enough in the subject for me to ask the question here.
Here's the situation: I have a lot of private, important information (i.e. CVS
repositories for projects, documents etc) which are sitting on my computer. I
want to back these up securely to another location where I don't want them to be
readable. I figure the best way would be to put it all into a tarball and then
use GPG to encrypt the tarball.
Well, If I were to say, encrypt it to myself, then only I could decrypt it later
on if the need arose (i.e. I lose the hard drive in my server or something).
However, then I run the risk of losing my private key along with my hard drive,
or have to keep it on a floppy.
GPG allows you to have symmetrical encryption (not public key, but encrypted to
a passphrase). It seems to me that using this would probably be better, because
I wouldn't need to take special precautions to protect the key because it would
be in my head (losing my head would probably make the information less relevant
anyway).
But would it be less secure? I don't think so, because my understanding is that
the assymetrical encryption is only used for key distribution anyway. Since I
have no need to distribute the key, it's not necessary.
I'm sure there's people out here who know a lot more about this stuff than I do.
Any thoughts? Suggestions?
Thanks!
Tom
--
Tom Eastman <[EMAIL PROTECTED]>
GnuPG Key: 42128603
Fingerprint: 6AF7 BB45 ABEE 9A33 9F9C
AB77 105E E6A5 4212 8603
--
[EMAIL PROTECTED] mailing list
