close
Warning:
Can't synchronize with repository "(default)" (/usr/svn/silverfile does not appear to be a Subversion repository.). Look in the Trac log for more information.
- Timestamp:
-
Oct 7, 2009, 9:27:32 PM (13 years ago)
- Author:
-
hank
- Comment:
-
--
Legend:
- Unmodified
- Added
- Removed
- Modified
-
v3
|
v4
|
|
70 | 70 | Master passphrase file is located in the sfpass home and called |
71 | 71 | '''passphrase-master.gpg''' |
72 | | This file is edited by sfkeys in encrypted form only. See this page for info about |
73 | | vim plugin to edit encrypted in place (decrypted file never touches disk) |
74 | | http://www.vim.org/scripts/script.php?script_id=661 |
| 72 | This file is edited by sfkeys in encrypted form only. |
75 | 73 | |
76 | | To initially create the gpg file the command is: |
| 74 | Admins will have separate passphrase files located at /home/sfpass/passphrase-<admin>.gpg. |
| 75 | At this time we just have one passphrase file located at /home/sfpass/passphrase.gpg which |
| 76 | is readable by all admins. |
| 77 | |
| 78 | To render the decrypted passphrase file to STDOUT (note the additional dash): |
77 | 79 | {{{ |
78 | | gpg -c decryptedfile |
| 80 | gpg -o - /home/sfpass/passphrase.gpg |
79 | 81 | }}} |
80 | | |
81 | | Administrators will su to sfpass and access the passphrase file by standard out |
82 | | only. passphrase-master will require the appropriate password. |
83 | | |
84 | | To render decrypted file to STDOUT (note the additional dash): |
85 | | {{{ |
86 | | gpg -o - file.gpg |
87 | | }}} |
88 | | |
89 | | [/browser/trunk/third-party/vim_gnu_plugin/gnupg.vim Plugin for editing encrypted files in place using vim.] |
90 | 82 | |
91 | 83 | |
92 | 84 | '''Never save decrypted passphrase file to disk- View standard out only, and |
93 | 85 | cut/paste passphrase to another terminal''' |
| 86 | |
| 87 | For tips on creating and editing GPG files view the [/wiki/administration/system-admin Using GPG] section |
| 88 | in the administration guide. |
94 | 89 | |
95 | 90 | == Tunneling to specific !SilverFile appliance == |