Il 10/11/2016 16:24, helices ha scritto: > Our company must decrypt ~100 files 7x24 in near real time. How can SSSS > work - or any reasonable alternative - in such a production environment? Wouldn't a smartcard solve (at least partially) the issue? Insert it in a pinpad reader and have the PIN shared between two administrators. Both are required at system boot to unlock the card. If the card gets removed, no single admin can unlock it. Sure, an admin could just use it while connected to the server to decrypt files (or simply read stored files) but as others said there's no way to prevent that if the attacker have physical access to the system.
BYtE, Diego _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users