Subject: Re: easiest way to encrypt a file?
To: Jeremy C. Reed <firstname.lastname@example.org>
From: Stefan Schumacher <email@example.com>
Date: 12/17/2004 20:16:35
Content-Type: text/plain; charset=us-ascii
Also sprach Jeremy C. Reed (firstname.lastname@example.org)
> I want to place a DSA key file on a server not maintained by myself. It is
> pass-phrase protected, but still I don't want the file used.
Shall the key simply be backuped there or do you want to use (decrypt)
it on the server? If you want to decrypt it there, you don't need
further encryption at all.
> What is the easiest way to encrypt a file with a key to decrypt?
PGP. Or something with RSA support like OpenSSL. But RSA should be
considered insecure with less than 2048 bits today.=20
> I have used zip and pgp and gpg to encrypt files. But what other ways do
> you suggest?
Use PGP/GPG or mcrypt. Forget ZIP.
> Anything in the NetBSD base? (And examples?)
OpenSSL is in base and can:
o Creation of RSA, DH and DSA key parameters
o Calculation of Message Digests
o Encryption and Decryption with Ciphers
openssl_rsautl(1) offers some examples.=20
But I use either pkgsrc/security/cfs oder cgd(4) for encrypted
directories/partitions or pkgsrc/security/mcrypt, which offers a lot
of options, including RFC2440 for symmetric encryption of files.
PostgreSQL at 21. Chaos Communication Congress
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)
-----END PGP SIGNATURE-----