GPG on different machines

Stefan Suurmeijer stefan@symbolica.nl
Wed, 2 Aug 2000 18:00:26 +0200 (CEST)


On Tue, 1 Aug 2000, Sam Roberts wrote:


> Quoting Stefan Suurmeijer <stefan@symbolica.nl>, who wrote:
> > On Sun, 30 Jul 2000, Subba Rao wrote:
> > > I have installed GPG on 2 different machines. The different user accounts on these
> > > machines are identical. Very likely, I plan to have 2 sets of keys for each user account,
> > > one for each machine. Are there any good practices regarding the number of keys a user
> > > may have?
> >
> > A lot of users have two, one at work and one private for instance. There
> > are no rules. But a different key for each machine seems a bit much. I'd
> > have to have dozens of keys. Help.
>
> I do this as well, but have some questions about good practice. Mail that gets sent to
> my home address (sroberts) also arrives at my work address. However, if it's encrypted
> I can't read it. So, I need to have my private key for sroberts at work, or do I?
>
Yes. If you want to decrypt mail for your private address at work or v.v., you need both keys. It's possible to transport your secret key to another machine. Use gpg --export-secret-keys > filename. Then transport the file you created by a safe means to your other machine. Mailing it encrypted to your work address would work, or sftp if you have it. I wouldn't use ftp etc, since that would send your private keys over the net for anyone to catch.
> How is this dealt with? It's seeming complicated enough that I might as well just have
> one secret keyring, and just copy it to any machines that I read/send mail at/from.
>
> Sam
Yup. See above
>
> --
> Sam Roberts (sam@cogent.ca), Cogent Real-Time Systems (www.cogent.ca)
>
Stefan ========================================== Stefan Suurmeijer Network Specialist University of Groningen tel: (+31) 50 363 3423 fax: (+31) 50 363 7272 E-mail (business): s.m.suurmeijer@let.rug.nl E-mail (private): stefan@symbolica.nl ========================================== Quis custodiet ipsos custodes? (Who'll watch the watchmen?) - Unknown -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org