Backing up Private Keys
Robert J. Hansen
rjh at sixdemonbag.org
Tue Apr 16 05:15:19 CEST 2013
On 4/15/2013 9:21 PM, Henry Hertz Hobbit wrote:
> 3. Copy the files recursively from ~/.gnupg to /win/e/gnupg for the
> windows side of that machine. I always have a FAT32 E: partition for
> copying files. Those files and folders are copied in AS IS. I have
> never had proglems. Mixed 32 / 64 or BE / LE? Start exporting and
> importing. It is the ONLY way you will get it done. Remember you
> need the trustdb unless you want to import and give trust levels
> again.
This is not correct.
GnuPG keyrings are just a stream of OpenPGP octets in a format that
conforms to an OpenPGP message. Since RFC4880 fully specifies things
like how to handle endianness and whatnot, GnuPG keyrings are
architecture- and endianness-agnostic.
(And yes, I have migrated .gnupg folders between 32- and 64-bit systems,
including from 64-bit PowerPC UNIX to a 32-bit Wintel environment -- the
trifecta of OS, architecture and endianness all changing. Zero problems.)
> 4. zip up a copy using 7zip's AES128 with a sufficent password for a
> modicum of protection.
Why? The private certificates are already secured with AES.
More information about the Gnupg-users
mailing list