duplicity-talk

Re: [Duplicity-talk] Why 'duplicity without private key' is a bad idea -


From: edgar . soldin
Subject: Re: [Duplicity-talk] Why 'duplicity without private key' is a bad idea - WAS: Restart duplicity without private key
Date: Thu, 19 Jun 2014 15:53:57 +0200
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0

On 19.06.2014 15:33, Radomír Černoch wrote:
> On 19 June 2014 15:07,  <address@hidden> wrote:
>> On 19.06.2014 14:22, Radomir Cernoch wrote:
>>> OK, I see your point. I had 2 motivations for the "without private key":
>>> 1) Backup several machines with a single key pair for easier management.
>>
>> that's insecure by design
> 
> Really? Could you elaborate on this, please?
> I planned to use a public key for encryption and store the private key 
> off-line.
> In what ways is this less secure than your proposed scenario?

ok, that wouldn't. i assumed both carry the same secret key. so an attacker on 
machine A would be enabled to decrypt backups of machine B in the same backup 
repository.

but as already mentioned you completely ignored the fact that you can encrypt 
against several keys at once. so no need for the above.

> 
>>> Your solution indeed solves both issues. However, there is a price to
>>> pay: Twice the storage and twice the processor time for encrypting.
>>
>> don't understand, why? you mean key creation?
> 
> Sorry, this was a mistake on my side. After having read more about
> GPG, the rest of my questions became irrelevant.

good to hear.. ede/duply.net


