On January 27, 2016 1:54:44 AM MST, Kjetil Torgrim Homme <[email protected]> wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >On 2016-01-26 14:29, Dashamir Hoxha wrote: >> If they have your encrypted password files, most probably they also >> have your private keys. At least for most of the people, who are >> not using smartcards, yubikey, nitrokey, etc. (I am one of them). > >not at all. since the password-store is securely encrypted, it is >safe to use a third party as a distribution point, e.g., Github. that >way, I can easily pull an updated store into each of my workstations. > this does *not* give the admins at Github any access to my passwords. > >- -- >Kjetil T. Homme >Redpill Linpro AS - Changing the game >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v2 > >iEYEARECAAYFAlaohc0ACgkQdwjfh75Cw0O0swCgsE9OY32U0au/ZiDQhgABeDdN >adUAn0OoNKL4f3oqAsJ+50TavCoWh+vD >=GYVB >-----END PGP SIGNATURE----- >_______________________________________________ >Password-Store mailing list >[email protected] >http://lists.zx2c4.com/mailman/listinfo/password-store
If you don't sync to a public server, and don't use a smart card then for most people those files will be exposed together. -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
