Hi git-annexers,
The git-annex website has two articles on encryption: https://git-annex.branchable.com/encryption/ and https://git-annex.branchable.com/tips/fully_encrypted_git_repositories_with_gcrypt/.
What is the difference between "vanilla" git-annex encryption and the workflow described in the "fully encrypted git repositories with gcrypt" guide?
I'm having a hard time figuring out whether one is more secure than the other. Or when I'd want to use one vs. the other.
Can anyone help shed some light?
Thank you.
For maximum security, should I use both? Or does gcrypt also encrypt file contents?
When a remote is a git repository that supports git-annex, using a gcrypt special remote encrypts both the git repository and file contents.
Other special remotes only store annexed file contents, not git repositories, so using encryption= with those is sufficient to encrypt their full contents.