Greg Grossmeier

Greg Grossmeier at

After a week of remodeling going on at the work office, I come back and find that my laptop is missing (we’ll just assume stolen at this point, really).

Right not I can’t do much but fret about what was wrong with its setup (the most wrong probably being the lack of full disk encryption because it was a work issue Dell XPS with Ubuntu preinstalled that I didn’t have the time to reinstall with Debian). All I can do now is hope that the people who stole it aren’t identity thieves as well. If you start to see random posts here, well….

What I need now, for when I get my replacement laptop, is a well thought out plan for how to do encryption/security right. What I’m thinking is:
  • For my GPG subkey I use for signing, do xyz
  • For my GPG subkey I use for personal encryption (password files etc), do zyx
  • For my GPG subkey I use for automatic personal encryption (backups), do yxz
  • For my ssh key I use for remote server access, do zxy
  • For my ssh key I use for automatic remote server access (backups), do yzx
  • etc
For all of these, the xyz could include things like “store on an encrypted volume usb key that never leaves home” or some such. In other words: I want to do this the right way. In the places I cut corners (ie: automatic backups) I know I’m cutting corners and thus those things have limited reach/use.

Dear helpful security crypto web: Where is that guide or set of guides?

a(n) person, Mike Linksvayer, Michael Ekstrand, Susan Pinochet likes this.

Greg Grossmeier shared this.

Show all 6 replies
Michael: yeah, that's a great suggestion (yubikey). I might use that as part of the system. Relatedly, does anyone I know use http://passwordsafe.sourceforge.net/ ?

Greg Grossmeier at 2013-08-13T17:08:53Z

When I was evaluating password management tools a few years back (Password Gorilla, Password Safe, etc.), I settled on KeePassX, largely because the kdb file format is widely supported (e.g. KeePassDroid).

Blaise Alleyne at 2013-08-13T23:57:17Z

I had been trying to remember the name of Monkeysphere for a while now. Thanks!

Nathan Smith at 2013-08-14T00:50:16Z

Fuckin' sorry to hear that, dude.

Pete Daniels at 2013-08-14T05:07:14Z