Re: Encrypt /decrypta file with ssh keys.

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Alex Bligh wrote:

On 5 Aug 2016, at 18:09, James Murphy<james.murphy.debian@xxxxxxxxx>  wrote:

The more mainstream thing to do is just use gpg, which has this
functionality already built in. Is this not suitable for your use case?


The advantage of Colin's approach is that gpg requires out of band exchange
of gpg keys separately from ssh keys. If you already have ssh keys
distributed (which might be in an automated environment for instance),
it would be very useful.

Of course if you already have gpg keys set up and exchanged, gpg
would be just fine.
The downside to this approach is your using keys created for signing for encryption now. Which means you've leaked additional information about the key material. Thus slightly weakening the 
security of your key.

Which isn't really a smart thing to do.

Ben
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux