From owner-freebsd-questions@FreeBSD.ORG  Wed May 26 07:03:00 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 56BB216A4CE
	for <freebsd-questions@freebsd.org>;
	Wed, 26 May 2004 07:03:00 -0700 (PDT)
Received: from bureau14.utcc.utoronto.ca (bureau14.utcc.utoronto.ca
	[128.100.132.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C780D43D1D
	for <freebsd-questions@freebsd.org>;
	Wed, 26 May 2004 07:02:59 -0700 (PDT)
	(envelope-from simon.bates@utoronto.ca)
Received: from seahorse.ic.utoronto.ca ([142.150.64.81] EHLO utoronto.ca
	ident: IDENT-NOT-QUERIED [port 2703]) by bureau14.utcc.utoronto.ca with ESMTP
	id <890127-1915>; Wed, 26 May 2004 10:02:07 -0400
Message-ID: <40B4A372.5020506@utoronto.ca>
Date: Wed, 26 May 2004 10:02:26 -0400
From: Simon Bates <simon.bates@utoronto.ca>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.4) Gecko/20031008
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: File encryption: bdes or gpg
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 26 May 2004 14:03:00 -0000

Dear all,

I am fairly new to FreeBSD and this is my first post to 
freebsd-questions. I hope I am asking my question in the correct forum. 
Apologies if not.

I am hoping someone can give me advice on file encryption. I would like 
to encrypt a file and store it on my filesystem. I would like to encrypt 
the file so that my data is not readable by someone who gains root 
access or physical access to my computer. I do not intend to share the 
data with anyone else so a public/private key system is optional.

I did some Googling and some reading of man pages and I have come up 
with 3 options thus far:

1. bdes(1)

2. gpg -c (/usr/ports/security/gnupg)

3. gpg (/usr/ports/security/gnupg) with a public/private key pair for me 
plus a passphrase

I would really appreciate any pointers to discussions of the relative 
merits of these approaches or pointers to better options if available.

Thank you all very much for your time. Best wishes,
Simon