different keys for different machine?
Thomas Arend
Thomas.Arend@t-online.de
Wed Jan 29 17:25:13 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday, 28 January 2003 21:46, Aaron P. Martinez wrote:
> Wow, this is way more in depth than I was hoping for...
>
> Ok...let's say, for security's sake..that I really only need one, no let's
> say two..one Linux and one Windows box to send email from..I use an
> IMAP server so I often connect to the server from one of the two
> machines. The rest of the machines are server machines. My network is
> set up as such.....
>
> internet gateway/firewall/router----int. router/samba/fw/---internal net
>
>
>
> DMZ
>
> (ascii art---not my forte)
>
> The internal net is where my email boxes are of course. On the DMZ
> currently I have one machine doing most work...SMTP, IMAP, HTTP, SSH,
> WEBMAIL, the other machine is just a HylaFAX server. And then there is
> my internal router/firewall/samba server. I'm not sure this clears it
> up..but it sounds like the best thing to do in this situation is to
> share the key on my two workstation machines..(can I share the key on a
> Windows and Linux box?) and then create a separate key for each of the
> other machines for encryption purposes? I suspect that for the main DMZ
> machine, I should actually get a key through a CA so I don't get the
> dreaded "untrusted key" or worse yet, my customers?
I will give only a general answer. I use Samba as a "domain controller" and log
on with a Samba/Linux userid on my Windows box. /home/userid is exported to
drive Z:. The registry key to the key-ring is set to z:.gnupg.

With gnupg 1.2.1 this works fine.

With an earlier version I had some problems I never investigated until the
end.

You can have more than one secret key in the keyring. It is best to use the
same passphrase or mantra (as it's called in the German version) for all keys.
Otherwise you will get a little confused.

You only need your private / secret key for signing and decryption. For
encryption you need the public key of the correspondent you send your
messages to.

Thomas
>
> Hope this clears it up..and thanks for the quick responses.
>
> Aaron Martinez
[snip]
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+OAEM2TqsmTFMxwkRAjWmAKCz8HvClSFHfTg+P5ZJxVK+nftiGwCfUYYn
pLmM9lj8dtv2/tzYrYDYn74=
=rnkf
-----END PGP SIGNATURE-----
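
The point made in the reply above, that the secret key is needed only for signing and decryption while encryption needs just the recipient's public key, shown as an added example that is not part of the original message. It assumes GnuPG 2.1 or later; the two temporary home directories, the user ID and the function names are constructed for the demo, and the throwaway key has no passphrase only so the script can run unattended.

```bash
#!/bin/sh
# Added example, not from the original message. Needs GnuPG 2.1 or later.
# Home directories, user ID and function names are constructed for the demo.
WORK=$(mktemp -d)   # "workstation": holds the secret key
SRV=$(mktemp -d)    # "server": only ever receives the public key
ADDR='user@example.invalid'

# Run gpg non-interactively against one home directory (one keyring).
g() { home=$1; shift; gpg --homedir "$home" --batch --quiet --no-tty "$@"; }

cleanup() {
  for d in "$WORK" "$SRV"; do
    gpgconf --homedir "$d" --kill gpg-agent 2>/dev/null
    rm -rf "$d"
  done
}
trap cleanup EXIT

# Create an unprotected throwaway key pair on the workstation, then copy
# only its public half to the server.
setup() {
  g "$WORK" --pinentry-mode loopback --passphrase '' \
    --quick-generate-key "Constructed User <$ADDR>" default default never 2>/dev/null
  g "$WORK" --export "$ADDR" | g "$SRV" --import 2>/dev/null
}

# Number of secret keys held in home directory $1.
count_secret() { g "$1" --list-secret-keys --with-colons 2>/dev/null | grep -c '^sec:' || true; }
# Encrypt stdin to $ADDR with the keyring in $1; the public key is enough.
encrypt_on() { g "$1" --trust-model always --armor -r "$ADDR" --encrypt; }
# Decrypt stdin with the keyring in $1; fails unless the secret key is there.
decrypt_on() { g "$1" --pinentry-mode loopback --passphrase '' --decrypt 2>/dev/null; }
# Clear-sign stdin with the keyring in $1; also needs the secret key.
sign_on() { g "$1" --pinentry-mode loopback --passphrase '' --clearsign 2>/dev/null; }
# Report whether the command given as arguments succeeded on stdin.
try() { if "$@" >/dev/null; then echo ok; else echo refused; fi; }

setup
CT=$(printf 'hello' | encrypt_on "$SRV")
echo "secret keys: workstation=$(count_secret "$WORK") server=$(count_secret "$SRV")"
echo "decrypt on server:      $(printf '%s\n' "$CT" | try decrypt_on "$SRV")"
echo "decrypt on workstation: $(printf '%s\n' "$CT" | try decrypt_on "$WORK")"
echo "sign on server:         $(printf 'hello' | try sign_on "$SRV")"
echo "sign on workstation:    $(printf 'hello' | try sign_on "$WORK")"
```

A machine set up like the constructed "server" here can encrypt mail to the key's owner, but holds nothing that would let it read that mail or sign as the owner.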