Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 10-30-2007, 08:41 PM   #1
LQ Newbie
Registered: Aug 2007
Posts: 24

Rep: Reputation: 15
Key Security: Symmetric Encrypting Individual Files

If I am using 'gpg -c --cipher-algo AES256 filename.tar' to symmetrically encrypt a .tar archive, is there a key file somewhere on the hard disk? What I mean is, if someone stole my computer, and the filesystem itself wasn't encrypted, would they even have to bother trying to guess the passphrase, or is there a file similar to the private key that is created for RSA that can just decrypt anything?

Old 11-01-2007, 05:40 AM   #2
Senior Member
Registered: Mar 2005
Location: Earth bound to Helios
Distribution: Custom
Posts: 2,524

Rep: Reputation: 319Reputation: 319Reputation: 319Reputation: 319
They may try guessing passphrase
Old 11-01-2007, 07:27 AM   #3
Registered: Oct 2007
Distribution: rhel, fedora, gentoo, ubuntu, freebsd
Posts: 104

Rep: Reputation: 16
afaik (I could be wrong on this), most apps that use symmetric key encryption and prompt you for a password generate a key based on a hash of that password. At least, the utility "aes" does that.

In that situation, the password is the source of the key, which means a weak password => an easy-to-get key. However, no key file would be stored on disk.

You might give it a try and check if your keychain changed as a result of it...
Old 12-28-2007, 03:29 PM   #4
LQ Newbie
Registered: Aug 2007
Posts: 24

Original Poster
Rep: Reputation: 15
Totally forgot I'd posted this Thanks for the responses.

OK, so even if someone gained root access to my computer, they would still have to know the passphrase to decrypt a symmetrically encrypted file?

Old 12-30-2007, 01:25 AM   #5
Registered: Oct 2007
Distribution: rhel, fedora, gentoo, ubuntu, freebsd
Posts: 104

Rep: Reputation: 16
That is correct. But if someone gained root access to the system, they'd likely be able to use a wide variety of methods to get your password or get around it next time you accessed the file in question. Basically, there's no security on a compromised system. All you can do is prevent the system from being compromised or detect when it is.


aes, encryption, key, management

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
command line tool for encrypting files! Shioni Linux - Security 4 09-26-2006 04:38 PM
encrypting files in linux darkangel29 Linux - Software 1 11-27-2005 02:17 PM
software for encrypting files? mifan Linux - Security 8 08-13-2005 09:13 AM
Passwording individual files SuSE05 Linux - Software 4 04-20-2005 06:14 AM
Burning individual files... nutshell Linux - General 4 03-02-2002 09:21 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:19 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration