PGP help and comments.
J. Michael Diehl
mdiehl at triton.unm.edu
Sun Apr 4 00:18:19 PST 1993
>J. Michael Diehl <mdiehl at triton.unm.edu> writes:
>> I would like to use pgp on the mainframes, but don't want to store my secret
>> key on their disks. Would it be possible to have pgp accept it's secret key
>> via stdin. I could do an ascii upload of my secret key and never expose my
>> key to disk-storage.
>
> This is even more dangerous than storing it on the disks of a multi-user
> machine. Unless you are running in a kerberos environment it is trivial to
> snoop your upload off the network, and even without that weakness you are
> exposing yourself to the same problem that the docs mention (it is really
> pretty easy to scan someone's terminal input) only you are giving them the
> key outright instead of only giving them the passphrase to your key.
Point taken.
>
> Bad idea.
Sure is. Thanx.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.2
mQBNAiu21SIAAAECAMKkKKP4JIxSPR7rOUZ7mbi6yDPfFa7T6zOtOBX8iI939tIU
9JFTxdyvTejK3qmYDGozNaqySQ/0++nGqZgikcsABRG0LUouIE1pY2hhZWwgRGll
aGwsIG1lLCA8bWRpZWhsQHRyaXRvbi51bW4uZWR1Pg==
=YquS
-----END PGP PUBLIC KEY BLOCK-----
More information about the cypherpunks-legacy
mailing list