[kwlug-disc] How do you keep tabs of your GPG, SSH, and SSL keys?

Andrew Sullivan Cant acant at alumni.uwaterloo.ca
Mon Mar 11 15:53:04 EDT 2013


yeah, you loose the de-duplication that git would do normally but you 
get the history. And if there are all smallish files that might be OK.

AND you central git repository doesn't need to do anything fancy.

putting all the git repositories into an encrypted store would preserve 
the history stuff, but then you need the encrypted store stuff working 
on the server and the client. And I am not quite sure what the right way 
to handle that would be.

I guess something like auto-mounting the encrypted filesystem:
http://en.gentoo-wiki.com/wiki/Encrypt_home_directory_with_ecryptfs

seem like it might work.


Additionally, KeePass2 looks like it has an XML format which might be an 
interesting possibility for storage.

Andrew


On 13-03-11 11:21 AM, Chamunks Arkturus wrote:
> That could be an interesting idea i'm guessing from my skimming the
> git-encrypt you would likely be encrypting your keystore into a text
> file then pushing to git in a script of sorts yes?
>
>
> On Mon, Mar 11, 2013 at 10:28 AM, Andrew Sullivan Cant
> <acant at alumni.uwaterloo.ca <mailto:acant at alumni.uwaterloo.ca>> wrote:
>
>     I have a similar situation, and have been thinking about this
>     recently too.
>
>     I have let more and more of my data be managed in git, so I have
>     been kicking around whether to try transparent encryption in git itself:
>     https://github.com/shadowhand/__git-encrypt
>     <https://github.com/shadowhand/git-encrypt>
>
>     Or just keeping my git repository on an encrypted store on both the
>     server and every client.
>
>
>     I also came across the open password file format for
>     1Password(proprietary OXS app) which might be useful for storing
>     passwords in git.
>     http://blog.agilebits.com/__2013/03/06/you-have-secrets-__we-dont-why-our-data-format-__is-public/
>     <http://blog.agilebits.com/2013/03/06/you-have-secrets-we-dont-why-our-data-format-is-public/>
>
>
>     And for one more thing that I have looked at but not yet used:
>     Firefox Sync
>     http://support.mozilla.org/en-__US/kb/firefox-sync-take-your-__bookmarks-and-tabs-with-you
>     <http://support.mozilla.org/en-US/kb/firefox-sync-take-your-bookmarks-and-tabs-with-you>
>
>     Encrypted everything on the client, but it is probably not useful
>     outside of Firefox. You can use their service for storing
>     information, but in theory you can also run your own server.
>
>
>
>      >     I use keypass and store private keys in there. It's not elegant
>      > but it works.
>
>     Their list of plugins look really interesting
>     http://keepass.info/plugins.__html <http://keepass.info/plugins.html>
>
>
>     Andrew
>
>
>
>     On 13-03-06 9:47 PM, Chamunks Arkturus wrote:
>
>         I see that keepass apparently has its own plugin version of
>         puttyagent
>         thats pretty awesome the only thing that would concern me is cross
>         platform capability.
>
>
>         On Wed, Mar 6, 2013 at 5:04 PM, Jonathan Poole
>         <jpoole at digitaljedi.ca <mailto:jpoole at digitaljedi.ca>
>         <mailto:jpoole at digitaljedi.ca <mailto:jpoole at digitaljedi.ca>>__>
>         wrote:
>
>
>
>              Sent from my iPhone
>
>              On Mar 6, 2013, at 9:33 AM, Chamunks Arkturus
>         <chamunks at gmail.com <mailto:chamunks at gmail.com>
>              <mailto:chamunks at gmail.com <mailto:chamunks at gmail.com>>> wrote:
>
>               > I'm the type of person who has several machines that I
>         work on
>              and from those machines I have several others that I
>         administrate
>              and communicate with.  which means that I have loads of ssh
>         keys and
>              gpg keys in too many places what are some reccomendations for
>              syncing these things together and making sure that I dont
>         lose my
>              keys under the cushions.
>               > _________________________________________________
>               > kwlug-disc mailing list
>               > kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
>         <mailto:kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>>
>
>               > http://kwlug.org/mailman/__listinfo/kwlug-disc_kwlug.org
>         <http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org>
>
>              _________________________________________________
>              kwlug-disc mailing list
>         kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
>         <mailto:kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>>
>
>         http://kwlug.org/mailman/__listinfo/kwlug-disc_kwlug.org
>         <http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org>
>
>
>
>
>         _________________________________________________
>         kwlug-disc mailing list
>         kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
>         http://kwlug.org/mailman/__listinfo/kwlug-disc_kwlug.org
>         <http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org>
>
>
>




More information about the kwlug-disc mailing list