[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A question on encryption

From: Eric Abrahamsen
Subject: Re: A question on encryption
Date: Thu, 28 Aug 2014 08:22:30 +0800
User-agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.50 (gnu/linux)

Marcin Borkowski <address@hidden> writes:


> I created a test file (call it "test") with a single line of text and
> did two things:
> 1. C-x C-f test RET, C-x C-w test.gpg RET
> Then I selected the key and hit ok.
> 2. From the command line:
> gpg -e -r key-id -o test2.gpg test
> The two resulting files were different (difference in length of 3
> bytes; find-file-literally and manual inspection showed that the
> beginnings were identical, but the endings were not).
> My question is: why is that so?  I instrumented the function
> epg-start-encrypt for Edebug, and it seems that the argument list it
> constructed was identical or equivalent to the one I'm giving on the
> command line.
> My other question is: is it fine?  I'm an (almost) complete layman
> with crypto, and I don't want to open some huge security hole because
> of my ignorance.  (I want to store my email passwords in encrypted
> files, set a very short timeout in gpg-agent and connect it to my
> mailing client, so that stealing my laptop won't enable the thief to
> impersonate me.)

I don't know what's going on with your specific problem, but let me
recommend the "pass" command-line utility for this situation. It does
just what you want -- storing passwords as gpg-encrypted files -- and if
you have the agent running, that keeps all your secrets locked up
nicely, without too much inconvenience. I have both SMTP and IMAP set up
to fetch their passwords using an invocation of pass, and it works

If your goal is to learn the EPG library, then ignore this!


reply via email to

[Prev in Thread] Current Thread [Next in Thread]