From owner-freebsd-security Mon Jun 14 12:42:16 1999 Delivered-To: freebsd-security@freebsd.org Received: from corinth.bossig.com (corinth.bossig.com [208.26.239.66]) by hub.freebsd.org (Postfix) with ESMTP id 18C731551C for ; Mon, 14 Jun 1999 12:41:55 -0700 (PDT) (envelope-from kstewart@3-cities.com) Received: from revolution.3-cities.com (revolution.3-cities.com [204.203.224.155]) by corinth.bossig.com (Rockliffe SMTPRA 3.3.1) with ESMTP id ; Mon, 14 Jun 1999 12:43:54 -0700 Received: from 3-cities.com (kenn1181.bossig.com [208.26.241.181]) by revolution.3-cities.com (8.9.3/8.9.3) with ESMTP id MAA25918; Mon, 14 Jun 1999 12:41:52 -0700 (PDT) Message-ID: <37655AFC.D58D456F@3-cities.com> Date: Mon, 14 Jun 1999 12:41:48 -0700 From: Kent Stewart Reply-To: kstewart@3-cities.com Organization: Columbia Basin Virtual Community Project X-Mailer: Mozilla 4.51 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Richard Childers Cc: freebsd-security@freebsd.org Subject: Re: reading files. References: <3765537B.6D0BC801@3-cities.com> <376557C2.3230DC3B@hamquist.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Richard Childers wrote: > > Don't forget that PGP is exactly as secure as the filesystem on which > your key(s) reside ... That was really my whole point on PGP. When you have the key somewhere besides memory, someone else can find it and a 128-bit key is really hard to remember and enter properly. I think a Jaz 2GB that you store in a guarded, locked safe is my idea of file security. Kent > > -- richard > > Richard Childers > Senior UNIX Systems Administrator & Chief Bottle Washer > Hambrecht & Quist, LLC > (415) 439-3838 > > Kent Stewart wrote: > > > > As a backup operator, I think I could backup your files and restore them > > on a different system. Then you wouldn't know I have accessed your > > files. I've never backed up a user's files on one system and restored > > them to another system but I have never seen anything that would prevent > > me from doing that. I may have to add the user to that system but then I > > would know the password and it would be trivial. > > > > The problem with PGP is that by the time you have a pretty good key it > > will be easy to forget and then you have lost access to your file. > > > > Kent > > -- Kent Stewart Richland, WA mailto:kstewart@3-cities.com http://www.3-cities.com/~kstewart/index.html Hunting Archibald Stewart, b 1802 in Ballymena, Antrim Co., NIR http://www.3-cities.com/~kstewart/genealogy/archibald_stewart.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message