Best way to securely open and read a file?
Moderator: General Moderators
Best way to securely open and read a file?
So outside of SSL and SSH is there any way to securely open and read from a file? I know using a database is also an option but I'd rather not go that route. Does anyone have any ideas on how best to open and read from a file that contains passwords or other sensitive information?
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
Re: Best way to securely open and read a file?
Without going through a secured layer, I don't see how this is possible since at some point the data must be transmitted in plain text.
Re: Best way to securely open and read a file?
Yeah, unfortunately that was my first though as well. I'm trying to read a rijndael encryption key from a single file instead of having to include it both the .php and flash applications. I can't use SSH with flash and SSL have some problems from the looks of it.... so I guess I'm back to square one unless anyone has any other ideas.
Re: Best way to securely open and read a file?
PGP...somehow? I don't know much about it - just that it's used quite a bit by people who want encryption without a lot of hassle.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
Re: Best way to securely open and read a file?
Waitwaitwait.
Are you asking about reading from a local file, or a file that's on another machine containing an encryption key?
If it's a remote file, you will ultimately need asymmetric crypto, both SSL and PGP are more or less this, and there are other options out there, no easier to use, I'm afraid. There's no other way of securely transporting a key on an insecure channel.
Maybe if you explain more about your situation, we could think of another solution to your problem.
Are you asking about reading from a local file, or a file that's on another machine containing an encryption key?
If it's a remote file, you will ultimately need asymmetric crypto, both SSL and PGP are more or less this, and there are other options out there, no easier to use, I'm afraid. There's no other way of securely transporting a key on an insecure channel.
Maybe if you explain more about your situation, we could think of another solution to your problem.