age seems to be the new hot thing to encrypt data.

However, when you generate a key pair, the private key just sits as a plaintext file on your computer.

Maybe I’m too used to PGP, but this makes me a bit nervous. There doesn’t see to be a key manager that allows you to pass in a key id with which you encrypt / decrypt. It’s all done using the public key directly in the command line (for encrypting), or the plaintext private key file (to decrypt).

Am I missing something? Is there a better / easier way to manage these private key files?

  • authEnglish
    3·
    11 months ago

    The pgp private key sitting on your computer is also plain text… Unless you encrypt it

    • Cipher22@lemmy.worldEnglish
      32·
      11 months ago

      Right? Op is trying to personify “we’ve tried nothing and we’re all or if ideas”. It’s almost like it’s a beast practice to encrypt data at rest, including your pain text keys.

      • mim@lemmy.sdf.orgOPEnglish
        1·
        11 months ago

        Have you actually used age?

        Unlike gpg, encryption of the private key is not default (or straightforward). It also doesn’t have a key management system