[stunnel-users] Passphrase validation
Vasil Dimov
vd at datamax.bg
Thu Jun 23 09:15:57 CEST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, Jun 22, 2005 at 07:39:54PM +0200, Sergio Gelato wrote:
>
...
> operation, there is little (if any) actual security benefit from using a
> non-null passphrase and storing it in a separate file; however, some
> software (e.g., Java) does work that way, and I don't see any harm in
...
Having encrypted private_key.pem and a plain text file
private_key.pem.passphrase which contains the encryption password really
does not make any sense. Ofcourse both files should be chown root and
chmod 400.
-----BEGIN PGP SIGNATURE-----
iD8DBQFCumGtFw6SP/bBpCARAp52AJ9cOGOgwTqnuDN82ubkU5Vk3uieWgCdHQSS
tBmrJ3voYiHwD9hJOwtwocM=
=+cCS
-----END PGP SIGNATURE-----
More information about the stunnel-users
mailing list