From owner-freebsd-questions@FreeBSD.ORG Wed May 26 17:39:58 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D24E316A4CE for ; Wed, 26 May 2004 17:39:58 -0700 (PDT) Received: from out2.smtp.messagingengine.com (out2.smtp.messagingengine.com [66.111.4.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 59FF243D39 for ; Wed, 26 May 2004 17:39:57 -0700 (PDT) (envelope-from nkinkade@fastmail.fm) X-Sasl-enc: R+LEh9R8mj3S6eLSb9kjJw 1085584841 Received: from gentoo-npk.bmp.ub (unknown [206.27.244.136]) by www.fastmail.fm (Postfix) with ESMTP id 4F4E5BD8386; Wed, 26 May 2004 11:20:41 -0400 (EDT) Received: from nkinkade by gentoo-npk.bmp.ub with local (Exim 4.21) id 1BT0CH-0006b9-0o; Wed, 26 May 2004 09:20:01 -0600 Date: Wed, 26 May 2004 09:20:01 -0600 From: Nathan Kinkade To: Simon Bates Message-ID: <20040526152001.GK21801@gentoo-npk.bmp.ub> Mail-Followup-To: Simon Bates , freebsd-questions@freebsd.org References: <40B4A372.5020506@utoronto.ca> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Zlo2GrDIozf6aQFY" Content-Disposition: inline In-Reply-To: <40B4A372.5020506@utoronto.ca> User-Agent: Mutt/1.5.6i Sender: cc: freebsd-questions@freebsd.org Subject: Re: File encryption: bdes or gpg X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Nathan Kinkade List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2004 00:39:58 -0000 --Zlo2GrDIozf6aQFY Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, May 26, 2004 at 10:02:26AM -0400, Simon Bates wrote: > Dear all, >=20 > I am fairly new to FreeBSD and this is my first post to=20 > freebsd-questions. I hope I am asking my question in the correct forum.= =20 > Apologies if not. >=20 > I am hoping someone can give me advice on file encryption. I would like= =20 > to encrypt a file and store it on my filesystem. I would like to encrypt= =20 > the file so that my data is not readable by someone who gains root=20 > access or physical access to my computer. I do not intend to share the=20 > data with anyone else so a public/private key system is optional. >=20 > I did some Googling and some reading of man pages and I have come up=20 > with 3 options thus far: >=20 > 1. bdes(1) >=20 > 2. gpg -c (/usr/ports/security/gnupg) >=20 > 3. gpg (/usr/ports/security/gnupg) with a public/private key pair for me= =20 > plus a passphrase >=20 > I would really appreciate any pointers to discussions of the relative=20 > merits of these approaches or pointers to better options if available. >=20 > Thank you all very much for your time. Best wishes, > Simon GPG would probably work well. You can encryt files symmetrically and put a passphrase on the file. Public Key encryption could work also, as long as you have a decent passphrase on your private key. If your private key is passphraseless and someone gets physical access to your machine they'll have not much problem decrypting your file. GPG also had other useful applications, such as signing emails and various files. Nathan --Zlo2GrDIozf6aQFY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAtLWgO0ZIEthSfkkRAkwTAJ4h9ExrJkBvd/8Gk4xc0shV+0ZhkwCg6u5+ qj7tuvVpo9bDkZl0uys5Vms= =ugJ2 -----END PGP SIGNATURE----- --Zlo2GrDIozf6aQFY--