[TriLUG] GPG in synch between desktop and laptop?
Don Jerman
djerman at pobox.com
Fri Mar 5 19:20:43 EST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
IIRC it exports unencrypted. If anyone gets ahold of it, they can be
you. If you want to make an archival copy, and you don't trust your
pass phrase, you might export it and use a symmetric cypher only pass
to make it safe (though, of course, then you still have a phrase to
remember).
I just copy my keyrings when I change my secret keys. I don't worry
about syncing my (copies of other people's) public keys generally --
since I mostly get them from keyservers in the first place.
Mike M wrote:
| On Wed, Mar 03, 2004 at 08:47:56PM -0500, Bill Vinson wrote:
|
|> Does anyone use GPG on multiple systems (such as Desktop and
|> Laptop)? How do you manage to keep all the signatures up to date
|> on both systems? Just curious how others handle this
|> situation...
|
|
| manually: export cp to /mnt/<nfsmount> import
|
| I traffic minimally in keys currently. I am familiar with the
| problem from losing the laptop recently.
|
| Is there a safe handling procedure for archiving your secret key?
| The man gpg shows --export-secret-key but warns this is a security
| risk, but why?
|
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFASRlaBleUSGYOpecRAvLZAJkBt1o03C2+sNC+KvHjVshPUE4SFgCfUUrE
HvuveIpfc1YQnNwcOhIByy4=
=FB7n
-----END PGP SIGNATURE-----
More information about the TriLUG
mailing list