[tahoe-dev] private aliases encryption

Brian Warner warner at lothar.com
Wed Nov 25 20:04:15 UTC 2009

Marc Doudiet wrote:

> I don't trust my laptop (the disk is not encrypted), I was wondering
> which risks I'm facing as the file in aliases in private is not
> encrypted, so I just modified my backup script with two lines to decrypt
> the file and srm it (secure rm). First step (one time) is to encrypt the
> file (gpg -c --cipher-algo BLOWFISH private/aliases), and here is an
> example script:

Hey, that's a great idea. As you saw, the security of your tahoe files
is dependent upon knowledge of the dircap in the aliases file, and thus
is equivalent to having access to the (plaintext) aliases file. With
your script, you've changed that to an "AND" combination of three
things: access to the (encrypted) aliases.gpg file, access to your gpg
keyring, and knowledge of the GPG passphrase.


More information about the tahoe-dev mailing list