[vox-tech] moving gpg keys to another computer
Henry House
vox-tech@lists.lugod.org
Wed, 8 Oct 2003 21:43:47 -0700
--bp/iNruPH9dso1Pn
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
P=E5 onsdag, 08 oktober 2003, skrev p@dirac.org:
> hi all,
>=20
> if my gnupg keyring and stuff is on from.host and i want to be able to
> sign and encrypt files on to.host, is it good enough to simply do this:
>=20
> scp -r me@from.host:.gnupg me@to.host:
>=20
> or are there other issues involved? is it just a matter of copying the
> .gnupg directory to the other host?
>=20
> i've never use gpg on to.host, so ~/.gnupg doesn't exist on to.host.
Yes, that will work. However, you may choose to instead create separate key
for the other system and sign it with your original key, so that if one host
is compromized you still have one unconpromized key, and to avoid file
synchronization worries. Or keep the key on a USB drive that you tote around
with you.
If the two hosts are on the same network, it would make sense to use NFS
instead of duplicating the directory. (I know that you already know about
NFS, so the last sentence is for others' benefit.)
--=20
Henry House
The unintelligible text that may follow is a digital signature.=20
See <http://hajhouse.org/pgp> for information. My OpenPGP key:
<http://hajhouse.org/hajhouse.asc>.
--bp/iNruPH9dso1Pn
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/hOeDi3lu92AVGcIRAjMfAJ4trN7ycZOXZK3XxzkCyicWuw2zAwCcCFpI
W0p92LZH4BESKAWaqEc1zb4=
=PAAN
-----END PGP SIGNATURE-----
--bp/iNruPH9dso1Pn--