Re: Security of piping unencrypted keyfile through named pipe

[Toby <tobia.conforto@xxxxxxxx>]

Phil H wrote:
> #N=65 #version 3
> N=64 #version 2
> ((M = N + 1 ))
> mkfifo -m 600 npipe
> echo "head -c 2925 /dev/random | uuencode -m - \
>   head -n $M | tail -n $N | gpg -c -a -o ${KEYFILE}"\
>   >npipe &
> rxvt +sb -geometry 80x1 -fn fixed -cr blue \ 
>   -T "Password" -e sh npipe
> wait
> rm -f npipe

Why use a pipe at all?

cmd="head -c2925 /dev/urandom | uuencode -m - | sed -n 2,$((N+1))p |
     gpg -c -a -o ${KEYFILE}"
rxvt +sb -geometry 80x1 -fn fixed -cr blue -T Password -e sh -c "$cmd"


Toby

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/