trusted keyring storage

Jim B
Fri, 17 Sep 1999 02:29:30 -0400

Hi, I was just curious as to how most *nix users store their keys.  I used
to use PGP on Windows and considered it a pretty safe place to store my keys
since it was a single-user OS... until more and more security flaws became
revealed which would allow anyone to get at my keys anyway.

Now I'm running Linux and looking for a decent mechanism to store my keys,
which is also convenient, and am looking to see how everyone else finds it
easiest.  I imagine the "best" way would be to just use a floppy disk and
mount it only when necessary, but I'm wondering how much trust I would be
able to put into the usual filesystem security (i.e., permissions) to
protect my keys.  I'm basically the only one who uses this machine, although
I do occasionally have others (friends) log in once in a while both remotely
(I'm on a ppp dialup) and from the console.

I have taken the necessary measures regarding permissions to protect my dir,
keys, etc. and am quite familiar with security measures, but I still am a
little weary of putting keyrings on any networked machine.  I guess my real
question is, "Am I being too paranoid?"  :)

Thanks for any advice.