After a week of remodeling going on at the work office, I come back
and find that my laptop is missing (we’ll just assume stolen at this
point, really).
Right not I can’t do much but fret about what was wrong with its setup (the most wrong probably being the lack of full disk encryption because it was a work issue Dell XPS with Ubuntu preinstalled that I didn’t have the time to reinstall with Debian). All I can do now is hope that the people who stole it aren’t identity thieves as well. If you start to see random posts here, well….
What I need now, for when I get my replacement laptop, is a well thought out plan for how to do encryption/security right. What I’m thinking is:
Dear helpful security crypto web: Where is that guide or set of guides?
Right not I can’t do much but fret about what was wrong with its setup (the most wrong probably being the lack of full disk encryption because it was a work issue Dell XPS with Ubuntu preinstalled that I didn’t have the time to reinstall with Debian). All I can do now is hope that the people who stole it aren’t identity thieves as well. If you start to see random posts here, well….
What I need now, for when I get my replacement laptop, is a well thought out plan for how to do encryption/security right. What I’m thinking is:
- For my GPG subkey I use for signing, do xyz
- For my GPG subkey I use for personal encryption (password files etc), do zyx
- For my GPG subkey I use for automatic personal encryption (backups), do yxz
- For my ssh key I use for remote server access, do zxy
- For my ssh key I use for automatic remote server access (backups), do yzx
- etc
Dear helpful security crypto web: Where is that guide or set of guides?
a(n) person, Mike Linksvayer, Michael Ekstrand, Susan Pinochet likes this.
Greg Grossmeier shared this.
Show all 6 replies
Michael: yeah, that's a great suggestion (yubikey). I might use that as part of the system. Relatedly, does anyone I know use http://passwordsafe.sourceforge.net/ ?
When I was evaluating password management tools a few years back (Password Gorilla, Password Safe, etc.), I settled on KeePassX, largely because the kdb file format is widely supported (e.g. KeePassDroid).