Re: [Tails-dev] Adding 'age' encryption tool to Tails

Supprimer ce message

Répondre à ce message
Auteur: codesoap
Date:  
À: tails-dev
Sujet: Re: [Tails-dev] Adding 'age' encryption tool to Tails
intrigeri <intrigeri@???> wrote:
> codesoap--- via Tails-dev (2021-10-30):
> > lately I'm beginning to use 'age' in many scenarios where I used gpg
> > previously.
>
> Could you please describe such scenarios, so we can check how closely
> they match our design goals and personas?


Sure. I'm starting to use age for backups using an asymmetric key. In
order to keep my private key safe, I'd like to generate it on a Tails
system without persistent storage and without a network connection (at
least after I installed the needed software). I would then immediately
split the key using libgfshare-bin and burn the individual shares onto
optical discs using Brasero. I'd like to use Tails for this, because it
is the OS I trust the most to not keep any persistence after it has been
shut down.

I also find age's '--passphrase' flag useful to quickly/easily
(symmetrically) encrypt less sensitive files in order to transport them
on a USB thumb drive.

I could also see myself using age to share sensitive files over public
channels, because I feel like it would be easier to explain to a
"crypto-novice" how to use age, than to explain to the same person
how to use gpg. However, this use case only works for peers who are
comfortable with the command line, since age does not (yet) have
graphical front-ends as far as I know.

I prefer age over gpg, not only because of its ease of use, but also
because I generally trust simple software more than complex software.

> The good news is that I think users can already add "age" to their
> Additional Software: apt install age/bullseye


Cool, I wasn't aware that I have to add the '/bullseye' suffix. This
solution works well for me. Thanks!

Greetings,
Richard Ulmer