I've been hacked and now I only use a key pair on keybase.
Stefan Claas
sac at 300baud.de
Mon May 27 16:10:55 CEST 2019
Andrew Gallagher wrote:
> For the last four years or so, I have maintained my PGP primary key
> on a Tails[0] thumb drive, and my subkeys on a redundant pair of
> OpenPGP smartcards. This gives me:
>
> a) offline storage of my master key
> b) secure backup of all key material
> c) convenient access using any of my existing machines
>
> I started developing a tool[1] to simplify the management of the
> offline primary key on the Tails drive, but development has stalled.
> If there is genuine interest out there, I will dedicate some more
> time to it.
>
> [0] https://tails.boum.org
> [1] https://github.com/andrewgdotcom/frith
>
Thanks for outlining your procedure!
I will give tails a try soon, but not for PGP usage.
I will go for my procedure, involving an offline Notebook
and a second key (which I have now on keybase).
This will give users the option, when communicating with
me, that they either can choose my keybase key, which I
think is a good idea from keybase, because it would allow
IMHO people to travel to the U.S. without carrying a secret
key with them, in case border patrol checks computers etc.
and my offline key for "important" stuff, which then will
be also used to sign all outgoing messages, regardless
which key is used.
I think it is a good procedure and in case stuff like
tempest attacks etc. would came into play then it is
game over, for a normal EU citizen like me. But at
least it should keep hackers away from my GnuPG and
box encrypted communications.
Regards
Stefan
More information about the Gnupg-users
mailing list