on Thu, Nov 30, 2000 at 10:09:26PM -0500, Chris Gray ([EMAIL PROTECTED]) wrote: > >>>>> "kmself" == kmself <kmself@ix.netcom.com> writes: > > >> You're probably right about this (IANA security expert), but > >> these should only be readable by root. Also, if you have a > >> malicious root, your private key isn't going to be all that > >> safe anyway. > > kmself> Well, on disk, your private key is secured by your > kmself> passphrase (right?). > > I just did a 'less' on my secring.gpg, so... (remember the thread on > the difficulty of password protecting a directory recently) > > I don't think that the private key is encrypted in any way. The fact > that it has mode 0600 is seen as security enough.
I did:
gpg --armor --export-secret-keys kmself
...which did just that, without prompting for a passphrase. I think you
may be right about that. Hmmm.... Still, the key doesn't work without
the passphrase, right? Need to investigate further.
--
Karsten M. Self <kmself@ix.netcom.com> http://www.netcom.com/~kmself
Evangelist, Zelerate, Inc. http://www.zelerate.org
What part of "Gestalt" don't you understand? There is no K5 cabal
http://gestalt-system.sourceforge.net/ http://www.kuro5hin.org
pgpwSWhutb3ud.pgp
Description: PGP signature
