On Mon, Jul 27, 2009 at 02:25:05AM -0700, arcintl wrote: > > i wish to setup GNUpg for my work (i am the IT Administrator) but i have a > few questions.
good idea > > First: if the user creates a key and then leaves the company. assuming > he/she didnt tell anyone the pass phrase and was the only key used, are > those files locked for ever? Actually those files aren't locked but possibly encrypted, which is most times even better than deleting them. So noone will have access to them who doesn't own the key. > if this is so my idea was the IT department (i.e. me) create the keys for > all my users and use a complete random password for all, then backup those > keys. then issue them to the user and allow them to change the pass phrase > to something they prefer. then if the user leaves we can use the originally > backed up key with the original password to decrypt the files they > encrypted. You have to distinguish two or three things: 1. Passwords and keys. When you use asymmetric encryption, you don't need a password to decrypt a file, but you need the key (that is actually nothing else then quite a long password) but: The password or the key that encrypted the file is another one then you need to decrypt it (asymmetric) 2. You could store the same key multiple times, secured by different passwords, or even without a password at all. Everyone who has access to the key and the password to use the key (ofc) can decrypt the data. 3. GnuPG is a distributed system in contrast to SSL Ciphers, that are assymmetric as well but need a centralized keyserver to prove the validity of the key. > will this work? i know it may sound like a security risk and ruin the whole > point of encrypting in the first place but this is the only way i can think > of safe gaurding the companies data (not users data). You should think twice, and then again, of how you store and distribute the keys and how you secure them. Finally you will get maximum security from GnuPG: But, as long as you aren't 100% sure what you are doing: Have a backup. For example the problem is: If you create the keys for your users, you will have to transfer them to the users, which makes a bit of unsureness of who listens on the transfer lines. And: You can only encrypt the files for one key. So only one user will have access to the files (owns the files), as long as you don't share the keys. For example you can introduce company wide keys or deparmtement keys and distribute them to anyone, who should have access. > Also have another question. > > if a users key is compromised i.e. someone knows their pass phrase. should > the user just change the pass phrase or should a new key be generated? and > if a new key is needed will all the files that were encrypted with the old > key be in danger of be decrypted or be totally useless without the old key? Right. Assumed that you use one key for a group of users and encrypt the file with this key, if anyone can get access to this key stored for any user, he will get access to the encrypted files. But you need to have access to both: The key file and the password. It's like a banking card and the PIN number. If you own just one of them, you don't have access to the account. But if you can copy the bank card and you can crack the pin you will have access. > Sorry if this has been answered before or a dumb question. i am new to this > stuff. I hope I could push you somewhat forward with your questions. bye, ikrabbe _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
