[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] symmetric vs. key
|
From: |
Kenneth Loafman |
|
Subject: |
Re: [Duplicity-talk] symmetric vs. key |
|
Date: |
Mon, 13 Apr 2009 10:00:17 -0500 |
|
User-agent: |
Thunderbird 2.0.0.21 (X11/20090318) |
Edgar Soldin wrote:
> Hi all,
>
> I am asking myself the pro's and con's of using symmetric encryption
> versus the use of keys with duplicity.
>
> Background is that I think many end users really struggle with keys and
> gpg administration. So I think why bothering them with it when duplicity
> supports keyless symmetric gpg encryption. Of course this only would be
> an option and keys still be supported.
>
> Is it worth to implement this in ftplicity, which currently insists on a
> key? Does anybody use duplicity this way?
I've used both and prefer symmetric. I use symmetric for all personal
backups. Some clients prefer keys, so I use keys for them.
> Do all duplicity versions switch to symmetric when no key is given?
Yes.
> I just read gpg uses cast5 which is supposedly industry strength
> resistant to crypto analysis. The only weak point of course is the
> passphrase, because of the brute force / dictionary attack vector. But
> as the passphrase is in the ftplicity config it can be as long and
> complex as wanted.
A good passphrase can be almost as effective as a key. Either one
suffers from forgetfulness or loss. Best to keep copies of each in
multiple safe/secure places.
...Ken
signature.asc
Description: OpenPGP digital signature