On Dienstag, 7. Juli 2020 22:42:07 CEST Stefan Claas wrote:
> Let's say you travel a lot and do not want to risk that your secret key
> gets compromised due to border control etc.
>
> One simply uses the program passphrase2pgp, from GitHub[1] and when creating
> the key and the passphrase is neede
Regenerating your secret key like this is perhaps dangerous and easy to do
wrong, for example you will probably leak it in your shell's history. If an
attacker finds out this is your scheme, they can then start to brute force your
secret key without need any access to your data, which happened w
Philihp Busby wrote:
> Regenerating your secret key like this is perhaps dangerous and easy to do
> wrong, for example you will probably leak it in
> your shell's history. If an attacker finds out this is your scheme, they can
> then start to brute force your secret key
> without need any acces
Stefan Claas wrote:
> ... you should try this out in your terminal and look at the beginning
> of the output:
>
> $ echo 1fccaf3d | xxd -r -p | openssl dgst -sha256 -binary | openssl enc
> -base64
I thought about this technique a bit for easy to remember passwords, which
can be converted to str
