2009/1/14 Kuda Dube <kd.gnu.linux at gmail.com>:
> I would really like to start implementing a personal security strategy
> and infrastructure from scratch and incorporate some or all of the
> aspects you specified. Where can I get a template/guide for such a
> task? Josh, can you share or put a rough guide on this ... just to help
> get started! Looking at personal files, e-mail, etc ... locally and in
> the cloud!

It is really not that hard to get the basics right:

1. Encrypt everything
2. Generate a GPG key of at least 2048 bits, and protect it with a
complex passphrase
3. Generate a key revocation certificate for your GPG key and keep
several hard copies around. I keep one in my wallet and one in my
safety deposit box at the bank. Locking one in your desk drawer at
work would be OK as well.
4. Once everything is encrypted, you can store it anywhere you like,
so make sure you have backups in at least two places.
5. Encrypt your private key with another private key and store copies
in a couple of places. Keep one and only one copy of that private key
in a safe place. Remember, this is just to protect you from losing
access to your real private key, and compromise of that key means that
you are still protected by your passphrase, which should give you
enough time to revoke that key and pull down all the copies of stuff
encrypted with it.

Others may have different suggestions, or spot flaws in my strategy.
Either way, I welcome comments.

--
Cheers,
Josh
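
Steps 2, 3 and 5 of the list above as a shell sketch. This is an added example, not part of the original message. It assumes GnuPG 2.1 or later and works in a throwaway keyring; the addresses, file names and passphrase are constructed placeholders.

```shell
#!/bin/sh
# Added example: steps 2, 3 and 5 in a throwaway keyring (assumes GnuPG 2.1+).
# Addresses, file names and the passphrase below are constructed placeholders.
set -eu

setup_keyring() {   # isolated GNUPGHOME so the real keyring is never touched
    GNUPGHOME=$(mktemp -d); export GNUPGHOME; chmod 700 "$GNUPGHOME"
    (umask 077; echo 'constructed-demo-passphrase' > "$GNUPGHOME/pass")
}

new_key() {         # $1 = e-mail; prints the new key's fingerprint
    gpg --batch --quiet --gen-key >&2 <<EOF
Key-Type: RSA
Key-Length: ${BITS:-3072}
Subkey-Type: RSA
Subkey-Length: ${BITS:-3072}
Name-Real: Demo Key
Name-Email: $1
Expire-Date: 0
Passphrase: $(cat "$GNUPGHOME/pass")
%commit
EOF
    gpg --batch --fingerprint --with-colons --list-keys "$1" |
        awk -F: '/^fpr:/ {print $10; exit}'
}

revocation_cert() { # $1 = fingerprint; GnuPG 2.1+ writes this at key creation
    echo "$GNUPGHOME/openpgp-revocs.d/$1.rev"
}

wrap_secret_key() { # $1 = main fpr, $2 = second-key fpr, $3 = output file
    # The export stays passphrase-protected; the second key adds an outer layer.
    gpg --batch --pinentry-mode loopback --passphrase-file "$GNUPGHOME/pass" \
        --armor --export-secret-keys "$1" |
    gpg --batch --trust-model always --recipient "$2" --output "$3" --encrypt
}

unwrap_check() {    # $1 = wrapped file; true if it decrypts to a secret key
    gpg --batch --quiet --pinentry-mode loopback \
        --passphrase-file "$GNUPGHOME/pass" --decrypt "$1" 2>/dev/null |
    grep -q 'BEGIN PGP PRIVATE KEY BLOCK'
}

if [ "${1:-}" = run ]; then   # usage: sh gpg-basics.sh run
    setup_keyring
    main=$(new_key main@example.invalid)
    spare=$(new_key spare@example.invalid)
    wrap_secret_key "$main" "$spare" "$GNUPGHOME/main-secret.gpg"
    unwrap_check "$GNUPGHOME/main-secret.gpg" && echo "wrapped key recovers OK"
    echo "print and store offline: $(revocation_cert "$main")"
fi
```

For real keys, type the passphrase at the pinentry prompt instead of reading it from a file, and give the second key its own passphrase.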