Just a quick disclaimer: I initially posted this question to Crypto site but was told it was too specific for that site.
I am looking for a safe method to encrypt a local file on my machine. Let’s say I have a file containing my logins and passwords — how can I make sure that the encryption is reasonably sufficient in case this file falls into the wrong hands? I have a Yubikey that supports PGP application, and on it, I have a signature, encryption, and authentication PGP subkeys. I would like to find a protocol that would protect the file even when someone may get the encrypted file AND the USB token.
Ideally, I would like to find a protocol that would not require a specific program/script to create such encryption. The first thing that came to mind is to encrypt it with a symmetric key using PGP (GPG) and then encrypt the output using my own PGP public key. I know I should not invent the wheel when it comes to cryptography; hence, I am looking for established protocols or the combination thereof that have been tested with time and have all their shortcomings well known.
I am aware of password manager apps, but most of them cannot be used offline. The one that can (KeePass2) is a PITA to set up for a 2FA with Yubikey, especially on Linux which is my primary OS. Any alternative?
