This post does not touch Gentoo in its topic, but these considerations do stem from a Gentoo-related problem. The problem relates to our infrastructure: not that there is anything wrong with Infra, rather it is a problem of us developers, but let me explain.
We usually log in to the various infrastructure boxes, like dev.gentoo.org (web space and more), the CVS and the Git servers, through SSH keypairs, without a password. This is basically a generic method to keep boxes secure while still allowing external access to them. But we also have a password set in LDAP that is used for mail and to set LDAP data. One of the things I find most useful as a non-recruiter developer is being able to look up the IM addresses of the devs who made them available to other devs. I use Jabber a lot, especially since it allows me to avoid IRC.
As we rarely use that password, you can easily expect that a good deal of us forget it quite easily. I have already asked twice in three years for it to be reset (in my defense, it wasn't even set the first time). Now, to get it reset we have to ask someone, like Robin, who has to do the work by hand. I wondered how it could be safely automated. We have SSH and PGP keypairs; they could just as well work for this.
This in turn made me wonder how safe some services' logins are. I often forget passwords, so it happens that I ask for a replacement, it arrives in my mail, and then I trash the mail for safety. But what if the mail were encrypted with GnuPG? Then I'd need my keypair to decrypt it, and I could trust leaving it on the server. You could also use it to avoid phishing: make the outgoing service mail GPG-signed.
I tried something like that before in PHP, but it wasn't really simple, because you either had to leave the secret key without a passphrase or hardcode the passphrase inside the source (or configuration) files, which is not a good idea.
Sincerely, I wonder if there is any software out there that uses GnuPG in a non-interactive way, besides simple scripts. Of the latter I have an example handy: the whole database of this blog, as well as that of the xine Bugzilla, is dumped every night, then compressed and encrypted with my GPG public key; the result is then sent directly to my email address, where I store the backups. (I actually have to write another script to fetch one backup every week and write it to a CF card, using tar directly on the device without any filesystem; that should limit accidental deletion, since tar was designed for magnetic tapes and the limitations are almost the same between the two.)
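As an added example (not the script from this post), here is how such a nightly job can run unattended with only the recipient's public key on the server, which is what sidesteps the passphrase problem described above; the database name, the recipient fingerprint, the output path, the mailbox and the cron line are placeholder assumptions:

```shell
#!/bin/sh
# Added example, not the original post's script: nightly dump -> gzip ->
# GnuPG public-key encryption -> mail. Only the recipient's PUBLIC key is
# on the server, so no secret key and no passphrase need to be stored here.
set -eu

# encrypt_backup RECIPIENT OUTFILE
# Reads the plaintext dump on stdin and writes an ASCII-armored PGP message.
encrypt_backup() {
    recipient=$1
    outfile=$2
    # --batch/--no-tty: never prompt, the job runs from cron without a terminal.
    # --trust-model always: skip the "unusable public key" refusal for a key
    #   that has not been signed in this keyring; acceptable only because
    #   RECIPIENT is a full fingerprint, not an e-mail address gpg must match.
    gzip -9c | gpg --batch --no-tty --yes --quiet \
        --trust-model always \
        --armor --encrypt --recipient "$recipient" \
        --output "$outfile"
    # Sanity check: a failed pipeline stage must not leave a bogus "backup".
    head -n 1 "$outfile" | grep -q '^-----BEGIN PGP MESSAGE-----$'
}

# Nightly job with assumed names: database, fingerprint, path and mailbox
# are placeholders to replace with your own.
RECIPIENT="0000000000000000000000000000000000000000"   # placeholder fingerprint
DUMP_DIR="/var/backups"
nightly_backup() {
    out="$DUMP_DIR/blog-$(date +%F).sql.gz.asc"
    mysqldump --single-transaction blog | encrypt_backup "$RECIPIENT" "$out"
    mail -s "blog backup $(date +%F)" backups@example.invalid < "$out"
    rm -f "$out"   # plaintext never touched disk; the ciphertext is in the mail
}

# Assumed cron entry: 0 3 * * * /usr/local/bin/backup.sh --run
if [ "${1:-}" = "--run" ]; then
    nightly_backup
fi
```

The server cannot decrypt what it produces, so test the restore path (decrypt, gunzip, import) on the workstation that holds the secret key before relying on these backups.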
It would be quite nice if we could easily keep all the sensitive information encrypted on the mail server. Unfortunately, using GMail through its web interface ruins the whole idea. Luckily, they do offer IMAP and POP3, which make using GnuPG quite a bit friendlier.