From owner-freebsd-questions@FreeBSD.ORG Wed May 26 07:03:00 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 56BB216A4CE for ; Wed, 26 May 2004 07:03:00 -0700 (PDT) Received: from bureau14.utcc.utoronto.ca (bureau14.utcc.utoronto.ca [128.100.132.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id C780D43D1D for ; Wed, 26 May 2004 07:02:59 -0700 (PDT) (envelope-from simon.bates@utoronto.ca) Received: from seahorse.ic.utoronto.ca ([142.150.64.81] EHLO utoronto.ca ident: IDENT-NOT-QUERIED [port 2703]) by bureau14.utcc.utoronto.ca with ESMTP id <890127-1915>; Wed, 26 May 2004 10:02:07 -0400 Message-ID: <40B4A372.5020506@utoronto.ca> Date: Wed, 26 May 2004 10:02:26 -0400 From: Simon Bates User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.4) Gecko/20031008 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: File encryption: bdes or gpg X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2004 14:03:00 -0000 Dear all, I am fairly new to FreeBSD and this is my first post to freebsd-questions. I hope I am asking my question in the correct forum. Apologies if not. I am hoping someone can give me advice on file encryption. I would like to encrypt a file and store it on my filesystem. I would like to encrypt the file so that my data is not readable by someone who gains root access or physical access to my computer. I do not intend to share the data with anyone else so a public/private key system is optional. I did some Googling and some reading of man pages and I have come up with 3 options thus far: 1. bdes(1) 2. gpg -c (/usr/ports/security/gnupg) 3. gpg (/usr/ports/security/gnupg) with a public/private key pair for me plus a passphrase I would really appreciate any pointers to discussions of the relative merits of these approaches or pointers to better options if available. Thank you all very much for your time. Best wishes, Simon