Backup encryption key
Dotan Cohen
dotancohen at gmail.com
Thu Apr 23 18:14:34 IDT 2009
>> Actually, I do not automate it. This is the command that I use to make
>> the tarball:
>> $ tar -zcvf - /home/user/ | openssl des3 -salt -k PASSWORD | dd of=DATE.tbz
>>
>> And this one to decrypt it:
>> $ dd if=DATE.tbz | openssl des3 -d -k PASSWORD | tar zvxf -
>
> So you password appears in cleartext in the shell history, probably in
> some logs, is ps output, etc?
>
Actually, I am aware of that problem. I had considered writing a shell
script to automatically add the date and ask for the password, but
decided that will be my opportunity to learn python instead. So until
I have a spare day to get into Python I'm doing it this way. It is a
single user system, which is not an excuse, but it mitigates risks.
--
Dotan Cohen
http://what-is-what.com
http://gibberish.co.il
More information about the Linux-il
mailing list