Re: Symmetrical encryption or ...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2014-11-22 18:54, Dave Pawson wrote: I installed keepassx. Not much use to me. 1. Illegible with my eyesight (reported to them) 2. Insufficient fields (seems to be non expandable). Try Keepass2 (official). It worked fine for me when I last used Linux, and requires the Mono runtime. Fonts are adjustable, and the auto-type (requires the xdotool package for Linux) will fulfil the wishes you had stated earlier. All the best, Jason -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJUcE22AAoJED1Q2DsLuMaGC9oQAIRgnf0bZ5/m1ZADwkLMe9GV 6pytc9ThExmRFUYNstHOdl7UHY+dgXzIvhszcyZsSDAMLG2zHrdIuWEoud429qol 6Mu7Xp44wQfmlqMCPi7zX69YgnZo2E/I5Wwi10hPhcy80UGprkilMbHl9DrR6m5q 40nFas6FQG6dOG6OHZPizUc7JI6/bdJhH0NxLoBnSynoqvsnEQvpDnufzXqQZRUa GYV5n0pO3OUPTXSWxtJKWVWdNdUQGe+16pyPPdrc+7WLJkFGQ42ZxxxQYTTskt+M IFnJu8QnQ31vn0ydpia7cagOYvYohPfkai84rFHNEioeKY5JUsS3N3u9l4j0NM5Q 6howXRnxINfKZ3u0XrEEvXBiZy6jBFwfeofqrGGLveP2HuaLxRDhjpmhJqdad4VK Ccc/4B0CYFNMi4sYctKGEd83MYQdDNu4+4XJWbgVrddsxQXbrks6GBwv7q7aSoif SUCasJwZHK9xa2OWoSUixlkmZ9TwviixphbagvulABmaW0JIAux9o7CwnxfvRf2r SLm5mXQIY3L9f3iX/gqwXiBjrMNk4mOKutAJel2DcKWDa+3kh6mlWHMKxD9uYi6c E3Hvg26XI2fe+cjJ87nyMGrxGdK/8BEHJKAs02tCK7af3plCcqd+nUhpP8cspM2A u3pLdGRT4dMI4NdiNSM6 =VeTD -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
https://launchpad.net/ubuntu/+source/keepass2 Looks like Ubuntu only? Not found for Fedora. I'll stick with symmetric for now. Thanks Jason On 22 November 2014 08:47, Jason Antony alexander...@gmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2014-11-22 18:54, Dave Pawson wrote: I installed keepassx. Not much use to me. 1. Illegible with my eyesight (reported to them) 2. Insufficient fields (seems to be non expandable). Try Keepass2 (official). It worked fine for me when I last used Linux, and requires the Mono runtime. Fonts are adjustable, and the auto-type (requires the xdotool package for Linux) will fulfil the wishes you had stated earlier. All the best, Jason -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJUcE22AAoJED1Q2DsLuMaGC9oQAIRgnf0bZ5/m1ZADwkLMe9GV 6pytc9ThExmRFUYNstHOdl7UHY+dgXzIvhszcyZsSDAMLG2zHrdIuWEoud429qol 6Mu7Xp44wQfmlqMCPi7zX69YgnZo2E/I5Wwi10hPhcy80UGprkilMbHl9DrR6m5q 40nFas6FQG6dOG6OHZPizUc7JI6/bdJhH0NxLoBnSynoqvsnEQvpDnufzXqQZRUa GYV5n0pO3OUPTXSWxtJKWVWdNdUQGe+16pyPPdrc+7WLJkFGQ42ZxxxQYTTskt+M IFnJu8QnQ31vn0ydpia7cagOYvYohPfkai84rFHNEioeKY5JUsS3N3u9l4j0NM5Q 6howXRnxINfKZ3u0XrEEvXBiZy6jBFwfeofqrGGLveP2HuaLxRDhjpmhJqdad4VK Ccc/4B0CYFNMi4sYctKGEd83MYQdDNu4+4XJWbgVrddsxQXbrks6GBwv7q7aSoif SUCasJwZHK9xa2OWoSUixlkmZ9TwviixphbagvulABmaW0JIAux9o7CwnxfvRf2r SLm5mXQIY3L9f3iX/gqwXiBjrMNk4mOKutAJel2DcKWDa+3kh6mlWHMKxD9uYi6c E3Hvg26XI2fe+cjJ87nyMGrxGdK/8BEHJKAs02tCK7af3plCcqd+nUhpP8cspM2A u3pLdGRT4dMI4NdiNSM6 =VeTD -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
On 22/11/14 10:23, Dave Pawson wrote: https://launchpad.net/ubuntu/+source/keepass2 Looks like Ubuntu only? Not found for Fedora. If I look at the KeePass website, specifically at [1], I see: 8 -- 8 In addition to Windows, KeePass 2.x runs fine under Mono, i.e. Linux, Mac OS X, BSD, etc. Links to all supported packages can be found on the KeePass downloads page: http://keepass.info/download.html. Debian/Ubuntu Linux: Install the keepass2 / KeePass 2.x for Debian/Ubuntu Linux package (e.g. using APT). A link to a page with more information about this package can be found on the downloads page. Fedora Linux: Install the keepass package (from the Fedora repository; link on the downloads page). [...] 8 -- 8 So it would appear that Fedora calls the package keepass rather than keepass2, but it is available (and is actually version 2.x). I use KeePass 2 myself and like it. I only use Linux though. By the way, regarding your first post: while symmetric mode is pretty much invented for your use case, you can also encrypt to your own public key. It would be overkill if that is all you have the private key installed for. But if you have the private key installed anyway and use it for other stuff, and have gpg-agent cache your passphrase, it would mean you wouldn't have to type the passphrase every time. I can think of a special case where it gets even better in my eyes: if you have a smartcard. You only have to type a relatively short PIN instead of a strong passphrase. Then again, I type my KeePass 2 strong passphrase often enough, and it's not bothersome. Maybe I just like smartcards :). Yep, that's it. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
On 22/11/14 11:11, Peter Lebbing wrote: If I look at the KeePass website, specifically at [1], I see: Whoops! [1] http://keepass.info/help/v2/setup.html#mono -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2014-11-22 20:23, Dave Pawson wrote: Not found for Fedora. It can be done for Fedora. You'll need to download the portable version of Keepass2 from the official website, and install the Mono runtimes and xdotool. After extracting the keepass2 archive, cd to the directory, then run: mono KeePass.exe Instructions found here: https://cloudplasma.co.uk/2014/01/keepass-2-fedora-20/ Regards, Jason -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJUcGEfAAoJED1Q2DsLuMaGVO0QALaTvt2zP9SC2yZ+uqhbm/ko JYfjvxRVjT3FLEfA2sZ4NAVTHS/wO0qSW8F+jSjRyybW85A8mDJHgF0LSVcRzvcr qYYys1J8IohcfkBMfSXNUyfEvG2Dl2qoeryvKg1Ar1iDG8G1SAcHMoPgHdrgWCAb RmhdBR0QCMOEBbS+c/YKLowIcCvC/XRmvMEYBPStHHs1Lm6arbsysP4DpN3KSbZK kEjDSqbp7P0B7ghpkX1I0XNILt9GJ6CQaq0TB1riKrIaEPzl9VY8cLk7VgWGFboc A8AATZXMdp4+veijRtvYv8dwzb0Tsl5Kt2Q/JtoXTjMfy1lZTW3nCxromi2WJP0Z peZb5Ii7Mkw5p3HNLzzllM/fDSI3qNerdpp9oIyY7XG69ctrqz40u0hBpDa+RLXW ojKDu2h54npFXDF2r5006VZ4JEDuZwUH1ojqbhq6J/Luet8M4tpkg4hc38Gad9ay LEwpwNm5oAhWyt9JTOusYwtZUXQqF4iCr1SXllmkHBXUtLwXXwr82Ar+c9pOxMix EYyRhWGVVdtYSQQmdb3S6jpFjdhmOMLTWjIjU8xNM0TjhIiZ8AidFfsS0CWnXbAw wG0SCN/Q+c4icQiD5Mriwo2/KxGawj1aOdSKhLd9NBDLM7X86sZS3jy5QMnQNwBl 7Z7BhCsNupM82yyytby5 =n+6a -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
Only I use the two machines, but need the file encrypted. Any alternatives to symmetrical encryption of a file? Not really. Sym would appear to be ideal for your use case. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
Thanks Robert. I'll give it a try. regards Dave P On 21 November 2014 18:24, Robert J. Hansen r...@sixdemonbag.org wrote: Only I use the two machines, but need the file encrypted. Any alternatives to symmetrical encryption of a file? Not really. Sym would appear to be ideal for your use case. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
For a password safe you might look into existing solutions, such as keepass(x) or other similar password storage solutions On Nov 21, 2014 10:29 AM, Dave Pawson dave.paw...@gmail.com wrote: Thanks Robert. I'll give it a try. regards Dave P On 21 November 2014 18:24, Robert J. Hansen r...@sixdemonbag.org wrote: Only I use the two machines, but need the file encrypted. Any alternatives to symmetrical encryption of a file? Not really. Sym would appear to be ideal for your use case. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
1. A matter of trust (low) 2. One mc is Linux, the other windows - they tend not to mix? Tks, Dave On 21 November 2014 18:36, Schlacta, Christ aarc...@aarcane.org wrote: For a password safe you might look into existing solutions, such as keepass(x) or other similar password storage solutions On Nov 21, 2014 10:29 AM, Dave Pawson dave.paw...@gmail.com wrote: Thanks Robert. I'll give it a try. regards Dave P On 21 November 2014 18:24, Robert J. Hansen r...@sixdemonbag.org wrote: Only I use the two machines, but need the file encrypted. Any alternatives to symmetrical encryption of a file? Not really. Sym would appear to be ideal for your use case. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 11/20/14 10:40 AM, Dave Pawson wrote: | Requirement. Two machines (one Linux, one Windows). | | I want a secure file 'shared' between them, as a pwd-safe. | | Only I use the two machines, but need the file encrypted. | | Any alternatives to symmetrical encryption of a file? Either symmetric or PK encryption would suit your needs, but as someone pointed out already, a better solution is to use a password safe. KeePass is an excellent solution, and I use the same password db between Windows, Linux, and OS X (not in that order). :) You want to use the lowest common denominator format between those systems, which at this point is the 1.28 version for Windows, and the keepassx version that comes with most Linux distributions (I use Ubuntu primarily). For OS X it gets a little trickier, since the version that includes auto-type is community sourced, but the person who produces it is well trusted, and a lot of people use it. Schneier had an interesting blog post recently about password safes, with a link to papers that did extensive research on them. KeePass came out looking pretty good, as one of the key problems with most password safes is that if the auto-type is truly automatic, it can be triggered by malicious software and grab your passwords off the clipboard in windows. While KeePass does have an auto-type feature, you have to trigger the key sequence to use it, and that sequence is user-configurable. And obviously you don't want to use solutions like LastPass, where your stuff is stored in their cloud. The question of What if they get hacked? is no longer academic, since it happened recently. For synchronization between systems I use SpiderOak, which also has clients for all 3 platforms. KeePass already encrypts the db file, and SpiderOak, unlike most cloud storage platforms, encrypts the files it backs up locally (on your system) with a special key that the company does not know. The upload channel is encrypted to their servers as well, so your data is never available in the clear. Because they don't know the encryption key your data is never de-duplicated with other people's stuff, although if you set up folder synchronization between systems the same files will be de-duplicated within your own account. ... and speaking of folder synchronization, one of the things I like about SpiderOak is that you can set up arbitrary folders to synchronize between systems, you don't have to put all of your stuff in one folder. You can also configure it to exclude certain files from syncing, which is handy to avoid synching the .lock file for KeePass. :) http://keepass.info/index.html https://www.schneier.com/blog/archives/2014/09/security_of_pas.html If you use this link to sign up for SpiderOak, I get free space. :) https://spideroak.com/signup/referral/25c4971714a13f13c24fa98a43317dc2/ Or, here is the regular link, if you prefer: https://spideroak.com/ hope this helps, Doug -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJUb/bPAAoJEFzGhvEaGryEq9EH/0pwRxi7PpJMlJs9yGOvdcBO +oqL6uJ99U72kdmUeznLzSewN5pHJoKB26gHAqs2WvNnoNGDOfRKz89ijKxCOWbE 8uJfz+AEqDJLe6CdLXSVTTa8SdLDydYUqrQZuV3aPxVPCCA91I4vi0HVB3MAlqLV ndOEaX6wP6/GCqVDkHUDQ9V37jmFHa7jl2RKFXj5BRL31ztQuqVQ4VlCiVbZFvje aipBL8p1l9EBdEUdQIM7tnykeP9EY+0F5zQmSqAuxxk+CFKQZBJ2FqZN1bnvi5OC QQFaUy4sGQKdI/uoOQOVM5YHXzQxJ6tZY1zFUudQwcs/Sdi2EQkRZQVOpMHeeqQ= =dI3t -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
Thanks Doug On 22 November 2014 02:37, Doug Barton dougb@dougbarton.email wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Either symmetric or PK encryption would suit your needs, but as someone pointed out already, a better solution is to use a password safe. KeePass is an excellent solution, and I use the same password db between Windows, Linux, and OS X (not in that order). :) You want to use the lowest common denominator format between those systems, which at this point is the 1.28 version for Windows, and the keepassx version that comes with most Linux distributions (I use Ubuntu primarily). Noted. typically Secure access requires n items, login/pwd/mothers maiden name/ inside leg measurement etc... Can keepassx store a list of key:value pairs? I know some systems are restrictive in this area. I'm currently running Python code which dumps the dictionary content for use, direct from the decryption. So where do you store the data? Online for access from 3 machines? Dropbox? Seems an unnecessary exposure. I'll have a look. And obviously you don't want to use solutions like LastPass, where your stuff is stored in their cloud. The question of What if they get hacked? is no longer academic, since it happened recently. Yes... For synchronization between systems I use SpiderOak, which also has clients for all 3 platforms. KeePass already encrypts the db file, and SpiderOak, unlike most cloud storage platforms, encrypts the files it backs up locally (on your system) with a special key that the company does not know. Another exposure? At least with a symmetrical encryption the files are only local... (Am I being too cautious?) http://keepass.info/index.html https://www.schneier.com/blog/archives/2014/09/security_of_pas.html If you use this link to sign up for SpiderOak, I get free space. :) https://spideroak.com/signup/referral/25c4971714a13f13c24fa98a43317dc2/ Thanks Doug. More options. -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJUb/bPAAoJEFzGhvEaGryEq9EH/0pwRxi7PpJMlJs9yGOvdcBO +oqL6uJ99U72kdmUeznLzSewN5pHJoKB26gHAqs2WvNnoNGDOfRKz89ijKxCOWbE 8uJfz+AEqDJLe6CdLXSVTTa8SdLDydYUqrQZuV3aPxVPCCA91I4vi0HVB3MAlqLV ndOEaX6wP6/GCqVDkHUDQ9V37jmFHa7jl2RKFXj5BRL31ztQuqVQ4VlCiVbZFvje aipBL8p1l9EBdEUdQIM7tnykeP9EY+0F5zQmSqAuxxk+CFKQZBJ2FqZN1bnvi5OC QQFaUy4sGQKdI/uoOQOVM5YHXzQxJ6tZY1zFUudQwcs/Sdi2EQkRZQVOpMHeeqQ= =dI3t -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Symmetrical encryption or ...
I installed keepassx. Not much use to me. 1. Illegible with my eyesight (reported to them) 2. Insufficient fields (seems to be non expandable). regards On 22 November 2014 02:37, Doug Barton dougb@dougbarton.email wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 11/20/14 10:40 AM, Dave Pawson wrote: | Requirement. Two machines (one Linux, one Windows). | | I want a secure file 'shared' between them, as a pwd-safe. | | Only I use the two machines, but need the file encrypted. | | Any alternatives to symmetrical encryption of a file? Either symmetric or PK encryption would suit your needs, but as someone pointed out already, a better solution is to use a password safe. KeePass is an excellent solution, and I use the same password db between Windows, Linux, and OS X (not in that order). :) You want to use the lowest common denominator format between those systems, which at this point is the 1.28 version for Windows, and the keepassx version that comes with most Linux distributions (I use Ubuntu primarily). For OS X it gets a little trickier, since the version that includes auto-type is community sourced, but the person who produces it is well trusted, and a lot of people use it. Schneier had an interesting blog post recently about password safes, with a link to papers that did extensive research on them. KeePass came out looking pretty good, as one of the key problems with most password safes is that if the auto-type is truly automatic, it can be triggered by malicious software and grab your passwords off the clipboard in windows. While KeePass does have an auto-type feature, you have to trigger the key sequence to use it, and that sequence is user-configurable. And obviously you don't want to use solutions like LastPass, where your stuff is stored in their cloud. The question of What if they get hacked? is no longer academic, since it happened recently. For synchronization between systems I use SpiderOak, which also has clients for all 3 platforms. KeePass already encrypts the db file, and SpiderOak, unlike most cloud storage platforms, encrypts the files it backs up locally (on your system) with a special key that the company does not know. The upload channel is encrypted to their servers as well, so your data is never available in the clear. Because they don't know the encryption key your data is never de-duplicated with other people's stuff, although if you set up folder synchronization between systems the same files will be de-duplicated within your own account. ... and speaking of folder synchronization, one of the things I like about SpiderOak is that you can set up arbitrary folders to synchronize between systems, you don't have to put all of your stuff in one folder. You can also configure it to exclude certain files from syncing, which is handy to avoid synching the .lock file for KeePass. :) http://keepass.info/index.html https://www.schneier.com/blog/archives/2014/09/security_of_pas.html If you use this link to sign up for SpiderOak, I get free space. :) https://spideroak.com/signup/referral/25c4971714a13f13c24fa98a43317dc2/ Or, here is the regular link, if you prefer: https://spideroak.com/ hope this helps, Doug -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJUb/bPAAoJEFzGhvEaGryEq9EH/0pwRxi7PpJMlJs9yGOvdcBO +oqL6uJ99U72kdmUeznLzSewN5pHJoKB26gHAqs2WvNnoNGDOfRKz89ijKxCOWbE 8uJfz+AEqDJLe6CdLXSVTTa8SdLDydYUqrQZuV3aPxVPCCA91I4vi0HVB3MAlqLV ndOEaX6wP6/GCqVDkHUDQ9V37jmFHa7jl2RKFXj5BRL31ztQuqVQ4VlCiVbZFvje aipBL8p1l9EBdEUdQIM7tnykeP9EY+0F5zQmSqAuxxk+CFKQZBJ2FqZN1bnvi5OC QQFaUy4sGQKdI/uoOQOVM5YHXzQxJ6tZY1zFUudQwcs/Sdi2EQkRZQVOpMHeeqQ= =dI3t -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Symmetrical encryption or ...
Requirement. Two machines (one Linux, one Windows). I want a secure file 'shared' between them, as a pwd-safe. Only I use the two machines, but need the file encrypted. Any alternatives to symmetrical encryption of a file? TiA, -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users