On Apr 24, 2007, at 2:20 PM, Kenneth Loafman wrote:
I don't see how that would work since gnupg would need access to the
keys in order to sign/en(de)crypt. If you can SSH to your VPS, then
your passphrase would not go over the net unencrypted. If you can't
SSH, then is the connection encrypted some other way?
I can SSH to my VPS Server. The main thing I am trying to do is keep my
Keys used with Duplicity for Signing and Encryption, on my Home Unix Box
for security. From what I have read there would be no way to keep my
passphrase from being known within my VPS Server. Processes could be
looked at, logs, etc. But if my Keys that I use to Sign and Encrypt are
on my Home Unix Box then if a hacker broke into my VPS Server they
wouldn't be able to mess with my backups. I send my backups to an
off-site backup server and then after that is done I use my SFTP Program
on my Home Unix Box to download the backups from the off-site backup
server. I hope this clears up what I am trying to do.