George Ross wrote: >>> BTW, why are you encrypting these files anyway? If someone broke into >>> your computer they could just steal the crypto key too. >> Excellent question! Truth be told, as soon as they are encrypted, >> they're being moved to another server in another location, and then are >> being burned to CD and moved to a safety deposit box. > > How about if you append a hash of the file to the file, and encrypt that > too? Then have the remote machine do the trial decrypt-and-check-hash. If > all is OK the remote machine can then tell the local one to delete the > original; and if it's not OK, it can scream at you. >
Better than that, if you get GPG to sign the file when it encrypts it (using a passwordless key/subkey) and/or use the MDC option, you'll be able to do this more reliably... -- Alphax Death to all fanatics! Down with categorical imperative! OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users