Document PGP, RAM Disks, and Symmetric Encryption #107
lgtm
gpg --list-keys | ||
``` | ||
|
||
### Encrypt a Message |
A couple other useful tips for basic encryption that aren't mentioned in here:
- It's possible to encrypt a single message to multiple recipients.
- It's possible to sign and encrypt at the same time, to provide some authenticity on where the encrypted message came from.
Both added, with signing now being the default in my examples as it is good practice.
Put a file there so you can tell whether or not a RAM disk is mounted. | ||
```bash | ||
echo 'WARNING: If you can see this, there is currently no RAM disk mounted!' > /mnt/ram/STOP.txt | ||
``` |
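Review bot: The `echo ... > /mnt/ram/STOP.txt` step only works as a marker if it runs while nothing is mounted at /mnt/ram, and the sentence introducing it does not say so. State that this must be done before the RAM disk is mounted, because once something is mounted there the file is hidden, and running the command at that point would write the warning into the RAM disk instead. The `>` redirect is also performed by the calling shell, so on a root-owned mount point the command would need to be written as `... | sudo tee /mnt/ram/STOP.txt`.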
Alternatively, what I like to do is remove permissions from the empty directory that will be the mount point. That will prevent reading or writing or even looking into the directory until something is mounted there.
But then how do you know the mount point exists?
Can you please provide an example, if you want me to add it?
You don't need to add it.
Basically something like

```bash
sudo mkdir /mnt/ram
sudo chmod 0600 /mnt/ram
```

Now it's impossible (non-root) to `ls /mnt/ram` or `touch /mnt/ram/foobar`. So you can't accidentally use it when there is nothing mounted there. But it's still possible to mount something at `/mnt/ram`.
This pull request submits my personal notes on using PGP for asymmetric encryption, RAM disks to work with secrets, as well as symmetric encryption. We have been using PGP to share secrets, I have been using a RAM disk to work with these secrets, and the symmetric encryption is useful to store secrets.
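
As an added example (not code from this pull request or its reviewers), the goal both approaches in the review thread share, never writing a secret to `/mnt/ram` when no RAM disk is mounted, can also be enforced in a script by checking that the filesystem currently visible at the mount point is tmpfs or ramfs. The function names, the optional mounts-file argument and the sample mount table are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: refuse to write secrets unless a RAM-backed filesystem is
# mounted at the mount point. Reads a table in /proc/mounts format.

# is_ram_mounted MOUNTPOINT [MOUNTS_FILE]
# Returns 0 if the LAST entry for MOUNTPOINT (later mounts shadow earlier
# ones, so the last entry is the one in use) is tmpfs or ramfs; 1 otherwise.
is_ram_mounted() {
    local target="${1%/}" table="${2:-/proc/mounts}" fstype=""
    local dev mnt type rest
    [ -n "$target" ] || target="/"
    [ -r "$table" ] || return 1
    while read -r dev mnt type rest || [ -n "$dev" ]; do
        if [ "$mnt" = "$target" ]; then
            fstype="$type"
        fi
    done < "$table"
    case "$fstype" in
        tmpfs|ramfs) return 0 ;;
        *)           return 1 ;;
    esac
}

# write_secret MOUNTPOINT NAME [MOUNTS_FILE]
# Reads the secret from stdin and stores it with owner-only permissions,
# but only after the RAM-disk check passes.
write_secret() {
    local dir="${1%/}" name="$2" table="${3:-/proc/mounts}"
    if ! is_ram_mounted "$dir" "$table"; then
        echo "refusing to write: no tmpfs/ramfs mounted at $dir" >&2
        return 1
    fi
    ( umask 077; cat > "$dir/$name" )
}

# Dry run against a constructed mount table (sample data, not real output).
demo_table=$(mktemp)
printf '%s\n' '/dev/sda1 / ext4 rw 0 0' \
              'tmpfs /mnt/ram tmpfs rw,size=64m 0 0' > "$demo_table"
is_ram_mounted /mnt/ram "$demo_table" && echo "/mnt/ram is RAM-backed"
rm -f "$demo_table"
```

On a real system, call `write_secret /mnt/ram NAME` without the third argument so the check reads `/proc/mounts`.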