age seems to be the new hot thing to encrypt data.

However, when you generate a key pair, the private key just sits as a plaintext file on your computer.

Maybe I’m too used to PGP, but this makes me a bit nervous. There doesn’t see to be a key manager that allows you to pass in a key id with which you encrypt / decrypt. It’s all done using the public key directly in the command line (for encrypting), or the plaintext private key file (to decrypt).

Am I missing something? Is there a better / easier way to manage these private key files?

  • StudioLE@programming.dev
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    The author pronounces it [aɡe̞] with a hard g, like GIF, and is always spelled lowercase.

    I can’t be the only one to think GIF is a terrible example for pronunciation?

  • taladar@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    What a stupid name for a tool. Are they deliberately trying to make it unrecognizable when people read the word?

    • authed@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      The pgp private key sitting on your computer is also plain text… Unless you encrypt it

      • Cipher22@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        2
        ·
        1 year ago

        Right? Op is trying to personify “we’ve tried nothing and we’re all or if ideas”. It’s almost like it’s a beast practice to encrypt data at rest, including your pain text keys.

        • mim@lemmy.sdf.orgOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Have you actually used age?

          Unlike gpg, encryption of the private key is not default (or straightforward). It also doesn’t have a key management system