different keys for different machine?

Aaron P. Martinez aaron@philngood.com
Tue Jan 28 21:46:01 2003 

Wow, this is way more in depth than i was hoping for...

Ok...lets say, for security sake..that i really only need one, no lets
say two..one linux and one window's box to send email from..I use an
imap server so i often connect to the server from one of the two
machines.  The rest of the machines are server machines.  My network is
set up as such.....

internet gateway/firewall/router----int. router/samba/fw/---internal net
		|
		|
		|
               DMZ

(ascii art---not my forte)  

The internal net is where my email boxes are of course.  on the dmz
currently i have one maching doing most work...SMTP, IMAP, HTTP, SSH,
WEBMAIL, the ohter machine is just a haylafax server.  and then there is
my internal router/firewall/samba server.  I'm not sure this clears it
up..but it sounds like what the best thing in this situation to do is
share the key on my two workstation machines..(can i share the key on a
windows and linux box?) and then create a seperate key for each of the
other machines for encryption purposes?  I suspect that for the main dmz
machine, i should actually get a key through a CA so i don't get the
dreaded "untrusted key" or worse yet, my customers?

Hope this clears it up..and thanks for the quick responses.

Aaron martinez

On Tue, 2003-01-28 at 12:57, Thomas Arend wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Am Dienstag, 28. Januar 2003 17:16 schrieb Aaron P. Martinez:
> > I was generating a key the other day and then on a different machine, i
> > wanted to do it again..well, then i realized that i was going to have
> > the same name associated with different keys.  I have about 4 machines
> > that i will need to do this on.  Should i simply move my key pair to all
> > of my machines or make new one's on each machine?
> >
> > Thanks in advance,
> >
> > aaron martinez
> 
> You should copy your key-ring or export / import your secret key if you want 
> to be able to decrypt all your mail on every maschine. 
> 
> On linux on an network it's quite easy
> 
> user1@maschine1:~> ssh -l user2 maschine2 gpg --export-secret-key | gpg 
> - --import
> 
> Or you can share you secret-key-ring via nfs
> 
> Best regards
> 
> 
> Thomas
> 
>  
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
> 
> iD8DBQE+NtKi2TqsmTFMxwkRAiDWAJ456hjxaYhUvNCvygLZP42VUQGrIgCcCy7j
> 0PPgwjxSPQgKXj00vNgPo34=
> =WZAT
> -----END PGP SIGNATURE-----
> 
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users