Added shared cipher mode to encryptable special remotes.

This option avoids gpg key distribution, at the expense of flexability, and with the requirement that all clones of the git repository be equally trusted.
author: Joey Hess <joey@kitenet.net> 2012-04-29 14:02:18 -0400
committer: Joey Hess <joey@kitenet.net> 2012-04-29 14:02:43 -0400
commit: 1c16f616df9a8469d24cefb6007333df3a35a449 (patch)
tree: 2198232da7d7594d1a8d952724497c08ee22d2ce /doc/encryption.mdwn
parent: d7a4a9a66bd51b18a9e5f4427c3492db1adec40d (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/encryption.mdwn b/doc/encryption.mdwn
index 0f83bb7f9..cc61fea6f 100644
--- a/doc/encryption.mdwn
+++ b/doc/encryption.mdwn
@@ -33,3 +33,16 @@ Note that once a key has been given access to a remote, it's not
 possible to revoke that access, short of deleting the remote. See
 [[encryption_design|design/encryption]] for other security risks
 associated with encryption.
+
+## shared cipher mode
+
+Alternatively, you can configure git-annex to use a shared cipher to
+encrypt data stored in a remote. This shared cipher is stored,
+**unencrypted** in the git repository. So it's shared amoung every
+clone of the git repository. The advantage is you don't need to set up gpg
+keys. The disadvantage is that this is **insecure** unless you
+trust every clone of the git repository with access to the encrypted data
+stored in the special remote.
+
+To use shared encryption, specify "encryption=shared" when first setting
+up a special remote.
author	Joey Hess <joey@kitenet.net>	2012-04-29 14:02:18 -0400
committer	Joey Hess <joey@kitenet.net>	2012-04-29 14:02:43 -0400
commit	1c16f616df9a8469d24cefb6007333df3a35a449 (patch)
tree	2198232da7d7594d1a8d952724497c08ee22d2ce /doc/encryption.mdwn
parent	d7a4a9a66bd51b18a9e5f4427c3492db1adec40d (diff)