Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

safe encrypting process?

I'd like to encrypt some info that could later be searched, but I'm
trying to figure out an optimal/safe way to go about doing it.

For the actual encryption, I'd put the information in a plaintext file
> gpg -c foo.txt > foo.gpg (encrypt with gpg)
> shred -u foo.txt* (shred the old plaintext file and any backup copies
of it)

If I wanted to search the file, I'd
> gpg --decrypt foo.gpg | grep whatever

Modifying the file would be:
> gpg --decrypt foo.gpg > foo.txt
> joe foo.txt (and make modification)
> gpg -c foo.txt > foo.gpg
> shred -u foo.txt* (to get rid of plaintext file and any backup copies)

And then I could script this so I wouldn't have to bother with typing in
everything. But I'm curious about the weaknesses of using such a method
for encrypted information. In particular, any sort of temporary files
which would have stuff during the plaintext post-decryption process (tmp
file from joe, for example). Is there a simpler, better way of going
about this?


BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /