Hallo Claus, Danke for your reply.
> Sent: Thursday, January 02, 2020 at 6:38 PM > From: "Claus Assmann" <ca+openbsd_m...@esmtp.org> > To: misc@openbsd.org > Subject: Re: Request for recommendation - encryption and signature for file > backup > > Maybe duplicity? It's available as package (not sure > whether it does signing). I apologize for not completely explaining my original query. I am aware of backup tools that can encrypt and/or sign and/or deduplicate. Duplicity, restic, borg et al. I am trying to ascertain what tool would misc@ recommend to encrypt and then sign the file. This encrypted file and its signature would then be handed over to a backup tool - duplicity/restic/borg or even a custom script. In other words, it would be preferable for the backup tool to not do cryptography, but pick up the file after it has been encrypted and signed. And hence, my request. I now understand that my original mail was not at all clear on this. My mistake. With respect to duplicity [1], if I am not wrong, it uses GnuPG for the cryptography part. I think the following blog post is quite informative about PGP, GnuPG et al: https://latacora.micro.blog/2019/07/16/the-pgp-problem.html That blog post itself links to the following paper by tedu@: https://www.openbsd.org/papers/bsdcan-signify.html I did not understand the cryptographic aspects of the latacora post, but I understood that a dedicated file encryption tool was desirable. Also, signify(1)/minisign would be a good fit for the signature part. I understand that "age" as suggested in that blog post was recently added to ports - Thanks abieber@ for that. However, if I am not wrong, it is still in beta. Dhanyavaad, ab [1] - http://duplicity.nongnu.org/ ---------|---------|---------|---------|---------|---------|---------|--
