You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
82 lines
3.6 KiB
82 lines
3.6 KiB
KMyMoney README.Encryption
|
|
Author: Thomas Baumgart
|
|
Date : Jan 01 2005
|
|
|
|
This README covers the various data formats used to store the information
|
|
managed with KMyMoney.
|
|
|
|
-----------------------------------------------------------------------------
|
|
Data storage
|
|
-----------------------------------------------------------------------------
|
|
|
|
KMyMoney stores your financial data in it's XML format. In general, files are
|
|
compressed using the GZIP format. Thus the resulting file is not directly
|
|
readable but can be made readable by the following commands:
|
|
|
|
% mv xxx.kmy xxx.kmy.gz
|
|
% gunzip xxx.kmy.gz
|
|
|
|
Now xxx.kmy is a readable XML file. There is no need to compress the file
|
|
again before you start KMyMoney again, because KMyMoney also reads the
|
|
uncompressed format. Please expect the file to be compressed again after
|
|
you save the file again from within the application.
|
|
|
|
Warning: Do not modify the XML data directly unless you know exactly all
|
|
the implications! Don't blame it on the KMyMoney developers if something
|
|
does not work anymore after you've changed the file. In any case, keep
|
|
a good backup of your files.
|
|
|
|
-----------------------------------------------------------------------------
|
|
Encrypting your data to hide your financial status
|
|
-----------------------------------------------------------------------------
|
|
|
|
If you want to save your data in a true encrypted fashion, you can use one of
|
|
the many encrypted filesystems to store your data or use the builtin GPG
|
|
support of KMyMoney.
|
|
|
|
In order to use this support, you have to have GPG installed and working
|
|
on your system for a key-pair you own. You can verify this by running
|
|
the following test:
|
|
|
|
% echo "This is a test" | gpg -ae -r <your-key-id-here> | gpg
|
|
|
|
This should ask you for the passphrase of your secret key and display
|
|
"This is a test" on the screen. Here's how this looks for me:
|
|
|
|
----------------------------------------------------------------------
|
|
thb@linux:~> echo "This is a test" | gpg -ae -r 0xb75dd3ba | gpg
|
|
gpg: checking the trustdb
|
|
gpg: checking at depth 0 signed=7 ot(-/q/n/m/f/u)=0/0/0/0/0/2
|
|
gpg: checking at depth 1 signed=1 ot(-/q/n/m/f/u)=6/0/0/0/1/0
|
|
gpg: next trustdb check due at 2010-01-02
|
|
gpg: 0xb75dd3ba: skipped: public key already present
|
|
|
|
You need a passphrase to unlock the secret key for
|
|
user: "Thomas Baumgart <thb@net-bembel.de>"
|
|
1024-bit ELG-E key, ID D1F83C2B, created 2001-06-23 (main key ID B75DD3BA)
|
|
|
|
gpg: encrypted with 1024-bit ELG-E key, ID D1F83C2B, created 2001-06-23
|
|
"Thomas Baumgart <thb@net-bembel.de>"
|
|
This is a test
|
|
thb@linux:~>
|
|
----------------------------------------------------------------------
|
|
|
|
If this works for you, then you can turn on GPG support in the KMyMoney
|
|
settings dialog. In the user id field, enter the respective information
|
|
about to find the key. The LED symbol to the right of the key will tell
|
|
you if a key is present for the data you entered. Note: Also substrings
|
|
would match. Thus entering only 'thb' in my case already turns on the
|
|
LED. Therefore, you should enter the full e-mail address or the hexadecimal
|
|
id with a leading 0x.
|
|
|
|
This would be enough to store your data encrypted with GPG. When you open
|
|
such a file with KMyMoney it will ask you for a passphrase.i
|
|
|
|
In case you use gpg-agent in the background, you will be only asked the
|
|
first time you open the file and then only again after the cache timeout
|
|
specified within gpg-agent. See the GPG documentation for more details on
|
|
howto setup the gpg-agent. If you don't use the gpg-agent, you will be asked
|
|
everytime you load an encrypted file into the engine. Saving into an
|
|
encrypted file does not need a passphrase.
|
|
|