Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Gnupg

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Gnupg
# 1  
Old 09-15-2004
Gnupg
hey guys

i need to restrict access to the GNUPG program because of the possibility that sensitive data like encryption keys and passwords that it is using may be written into the virtual memory swap partition on the hard disk and thus be retrieved at a later date long after the program has erased these important values from memory and finished executing.

im a newbie to unix so the question might sound stupid. would be it be possible to somehow give access to a number of people without actually having the remove it from the system or remove the setuid permission?? feedback would be appreciated

mile1982
# 2  
Old 08-29-2008
I remember I have seen this topic, also a journaling file system can be a security risk. There exists a solution about writing random garbadge into the swap file or swap partition. But Even if you destroy the entire hard disk, sensitive data can be recovered from RAM. I think Bruce schneier wrote about using dd to delete a swap partition. I have forgotten all details but It could be that truecrypt can help you.

Anyone with access physical to your machine IS a security risk.

Please use chmod chgroup and chown to hide your files. Or simply delete them and use a USB Memory stick.
# 3  
Old 08-31-2008
This is an old thread, but now recent versions of gpg will complain loudly if they are run without being suid to root. The root priviledge is to address this issue by locking data into memory so no swapping is possible.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Gpg (GnuPG) encryption and decryption

Hi Friends, There are some 7 years script in out linux server. I am trying to understand them since Linux Server changed(A). Below line in one of the encrypting script. Here scenario is encrypting bank files in our (A) server and doing Secure Copy to Server (B). GPG -v --batch --yes --armor... (1 Reply)
Discussion started by: johnsnow
1 Replies

2. Solaris

Gnupg library issues on Solaris 11

I have installed gnupg from the official Solaris 11 repository, but am experiencing library issues. This is the error I am getting: ld.so.1: gpg2: fatal: relocation error: file /usr/lib/libreadline.so.5: symbol tgetent: referenced symbol not foundSee more information here: bash-4.1$ gpg2... (4 Replies)
Discussion started by: ujjain
4 Replies

3. Shell Programming and Scripting

GnuPG Syntax Help

Hi all, I'm trying to decrypt a GnuPG file but not having much luck. I'm new to using it and have tried 4 different ways to do it but nothing works. Here are examples of the attempts I have made: gpg -o ./file_name.tar.Z --passphrase-fd 0 ./file_name.tar.Z.gpg 0<./password.txt cat... (5 Replies)
Discussion started by: Korn0474
5 Replies

4. UNIX for Dummies Questions & Answers

Import and export PGP/GnuPG keys

Hi, I need to export an existing PGP key and import it into GnuPG on a different machine. This is how I did the export: pgp -kx myuser _myuser_public pgp -kx myuser _myuser_private secring.skr (this is from the pgp installation directory that contains secring.skr). This produced two... (0 Replies)
Discussion started by: imchi
0 Replies

5. Cybersecurity

[PGP/GnuPG] Importing and signing keys

Hi, I need to export an existing PGP key and import it into GnuPG on a different machine. This is how I did the export: pgp -kx myuser _myuser_public pgp -kx myuser _myuser_private secring.skr (this is from the pgp installation directory that contains secring.skr). This produced two... (0 Replies)
Discussion started by: imchi
0 Replies

6. Ubuntu

How to use GnuPG with MUTT, getting error!

I am using MUTT and I have configured my gmail account in it. I want to use GnuPG(gpg) in it. But even after importing I get key not found error while sending. Please help me for this problem. ---------- Post updated at 11:26 PM ---------- Previous update was at 07:48 AM ---------- This is... (0 Replies)
Discussion started by: nixhead
0 Replies

7. Shell Programming and Scripting

Problem with GnuPG...need help

hello, i am writing an automated script for GnuPG decryption for a file, which was already being encrypted, homedir="/home/.gnupg" PassPhrase=`cat /home/.gnupg/.passphrase` echo $PassPhrase | gpg --homedir $homedir --passphrase-fd 0 --no-tty --output secret21.txt --decrypt-files... (0 Replies)
Discussion started by: manas_ranjan
0 Replies

8. Shell Programming and Scripting

GnuPG (gpg command)

I've been blessed with the task of writing functions that will be used to encrypt / decrypt data files using the Gnupg (gpg command) software on our Solaris 9. This was just installed last friday and I've got no documentation other than what I've found on the web. I was successful in writing... (4 Replies)
Discussion started by: BCarlson
4 Replies
Login or Register to Ask a Question