On Samstag, 30. Oktober 2021 14:24:58 CEST Chris Taylor wrote: > The hash of my gpg file on my laptop is different to it's hash on the > thumb drive.
If the hash of any file on your laptop differs from the hash of the same file after copying it to the thumb drive this can only mean two things: 1. Either you made something wrong when you copied the file to the thumb drive, e.g. you unplugged the thumb drive before the file was actually fully written to the thumb drive. Solution: Always make sure to "eject" the thumb drive before unplugging it. 2. Or your thumb drive has a hardware error. Or it is a forged thumb drive which claims to be larger than it actually is. There are loads of forged thumb drives sold on the Internet. Don't assume you are making a bargain when you are offered a large thumb drive to an insanely low price. Solution: Destroy the thumb drive physically (to make sure nobody can get access to the data stored on it) and then throw it away. > For comparison, the hash of the tar.gz file (i.e. before > encryption) is the same before and after I copy it to the thumb drive. > > Are there any techniques I should be using to protect my gpg file? Yes, but those "techniques" are not special for gpg files. They apply to any files. The "techniques" are: * Don't unplug the thumb drive before all data was fully written to it. * Don't use thumb drives with hardware defects or with forged size. * If you want to be really sure that a file was transferred correctly to the thumb drive, then unplug the thumb drive, re-plug it and then compare the hashes of the file. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
