Keyring Storage

David Shaw dshaw@jabberwocky.com
Tue Aug 26 03:22:01 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Aug 25, 2003 at 08:56:51PM -0400, Andrew James Barr wrote:
> I was wondering what the proper way to store a GPG or PGP secret keyring
> would be? I am talking about the ~/.gnupg/secring.gpg file in GPG and
> the .skr files in PGP (Windows). I have been backing these files up with
> a periodic homedir backup to a CD-R, which I just keep in a drawer with
> all my other CDs. Aren't the keys, when stored in these files, protected
> by of course the passphrase but not encryption as well? Please excuse
> any ignorance on my part but I have not been into encryption for that
> long.

The secret keys are stored encrypted on the keyring.  The passphrase
is used to decrypt them just before use.

It is possible to have no passphrase, and thus no encryption, but this
isn't recommended for obvious reasons.

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.3-cvs (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc

iHEEARECADEFAj9KtooqGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2Rhdmlk
L2tleXMuYXNjAAoJEOJmXIdJ4cvJt7UAniT2OVNg3QMB9hwGGU2BZwpxO2gvAKCz
4vCbl6c+InzrC8Ul8lManasw/A==
=4DeZ
-----END PGP SIGNATURE-----