Andreas Ronnquist writes:
On Mon, 28 Sep 2020 15:01:25 +0200, Philipp Ewald<philipp.ew...@digionline.de> wrote:>afaik: > >you dont need a password on a gpg-key so if its not required you can >remove the password and script That is right of course - but how is this security-wise? I guess in my case it doesn't matter much though.
Whether you store the password on the same computer as the keyfile or just a keyfile without password should not matter that much? What kind of adversary are you trying to protect against? I run a reprepro here with an "unprotected" keyfile and it works quite nicely. In case you are interested in how it is implemented here, see https://masysma.lima-city.de/32/masysmaci_pkgsync.xhtml Follow the links to Github or further documentation as interested :) HTH Linux-Fan [...]
pgpXpvfgbYx4w.pgp
Description: PGP signature
