-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bodo Staron wrote: > The key file is on that server. Isn't that a huge security risk, like > when your private PGP key leaks out? What if someone get's access to > that gpg keyfile? Is password only mode better for servers that are > housed in a data center? But that is considered insecure? I'm a little > confused now. see pt. 8 of the loop-aes README, "Security levels". you're right, when the keys are not stored on the same machine, you "are more secure". but "usb-stick-removing-slaves" are normally not an option in a data center. <me thinking loudly> but since the gpg keys are password-encrypted anyway (right?) and thus need admin-interaction to actually "mount" the partition, you could import the key from another remote machine and then delete the key afterwards, i *guess*. </me thinking loudly> Christian. - -- BOFH excuse #180: ether leak -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBOHLB+A7rjkF8z0wRAql9AJ4qkYlEd0ie0Bu0oar79MjYlFMeuACfXBqW QBkl+VUFTlx7Yzz72PlxH1U= =ztB6 -----END PGP SIGNATURE----- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
