Full disk encryption with two factor authentication is for sure more than enough for any normal secure use in my opinion.
-Ahmad -----Original Message----- From: Marc Evans <[email protected]> Date: Thu, 19 Mar 2009 13:07:31 To: <[email protected]> Subject: [funsec] keyring management best practices Hello, I am looking for opinions of best practices for management of pgp and ssh keys for laptop users. Specifically, I am provisioning a recently purchased macbook of mine, which will travel with me to both US and non-US locations. I am using the OSX encryption features on the laptop, but don't personally consider that sufficient protection when considering installing these keyrings on to it. Options that I have been considering include the following, in order of my likely choice: 1) Don't install the keys on the laptop at all. Instead force myself to use a better secured server. 2) Use a USB dongle with truecrypt on top of which I would store the keyrings. 3) Stop being anal, and put the keys on the laptop, so long as good password management is used for the laptop. My question for this distinguished list of people is, what are your personal practices, and/or do you have suggestions that I should consider? Thanks in advance - Marc _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
