From fa0c98d8de5364d64297bbed7f958c05a8bdaf52 Mon Sep 17 00:00:00 2001 From: anarcat Date: Thu, 17 May 2018 21:02:32 +0000 Subject: [PATCH] Added a comment: headless configs --- ...t_11_30b926fbabe9a0089de1f55f6f9a5d2d._comment | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 doc/encryption/comment_11_30b926fbabe9a0089de1f55f6f9a5d2d._comment diff --git a/doc/encryption/comment_11_30b926fbabe9a0089de1f55f6f9a5d2d._comment b/doc/encryption/comment_11_30b926fbabe9a0089de1f55f6f9a5d2d._comment new file mode 100644 index 0000000000..5cddcfee49 --- /dev/null +++ b/doc/encryption/comment_11_30b926fbabe9a0089de1f55f6f9a5d2d._comment @@ -0,0 +1,15 @@ +[[!comment format=mdwn + username="anarcat" + avatar="http://cdn.libravatar.org/avatar/4ad594c1e13211c1ad9edb81ce5110b7" + subject="headless configs" + date="2018-05-17T21:02:32Z" + content=""" +is there some combination of this and the gcrypt special remote that would give me the following properties: + + 1. password-less operation (ie. allow uploading content without the private key) + 2. easy revocation and key rotation (ie. not encrypt directly with GnuPG but instead encrypt a keyfile with the public keys) + +It seems to me this would be technically possible, no? A mix of \"hybrid\" and \"sharedpubkey\", basically...? + +Hybrid works great, except I can't use it in my scenario because I am trying to automate backups and it will prompt me for the private key password. I guess the solution here is to have a special unencrypted private key for the batch job? Thanks! -- [[anarcat] +"""]]