[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] Encryption password selection

From: Duplicity Mailing List
Subject: Re: [Duplicity-talk] Encryption password selection
Date: Mon, 08 Dec 2014 18:55:53 +0000
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0

On 08/12/14 18:26, Yves Goergen wrote:
> Am 08.12.2014 um 18:30 schrieb address@hidden:
>> for symmetric encryption passphrases anything from length of one
>> character up should work.
> Okay. I've seen systems where a certain maximum length of a password
> must not be exceeded. And when using a password for encrpytion, there
> may be certain restrictions about how long a "key" must be. So if I
> specify some random 30 characters that's fine. (I keep them stored in a
> file, don't need to remember them.)

If you're storing your passphrase in a file, nor are planning to
actually remember the passphrase, why not use a keyfile? Seems
infinitely more logical (and secure).

>> yes, you can encrypt symmetrically and sign the result with a key.
> Oh, so signing is not possible if I don't use a key file. Which I never
> did. Didn't know it was possible. But I think I can only benefit the
> signature validation if I have the GnuPG key for restoring, so I might
> as well use that for encryption, too, instead of that PASSPHRASE
> environment variable that's not well explained.

>$ export PASSPHRASE="abcdef"
>$ duplicity full a file://b
>$ cd b
>$ gpg2 --output difftar --decrypt *difftar.gpg

gpg: CAST5 encrypted data
>Pin entry: abcdef
gpg: encrypted with 1 passphrase

reply via email to

[Prev in Thread] Current Thread [Next in Thread]