backup strategy for keyrings

Steve Butler sbutler at fchn.com
Wed Mar 3 08:23:10 CET 2004


But Neil, that answer begs the question of when does the pubring.gpg~ file
get generated.  And under what circumstances.  For example, yesterday I
imported a new public key.  The "backup" keyring file called pubring.gpg~
was not created.

But, I do have such a file from about a month ago when I did some edits on a
key.

So, not knowing the precise answer (and hoping one of the development team
members will jump in), I have to suppose that the file is generated _before_
edits are done to existing keys.  But, it is not generated before, during,
or after an import operation.

That still leaves questions of when during the "edit" phase the file is
copied.

1.  Is it the "before" image of the entire file when the first --edit
operation was done?
2.  Or, if there are several edits done in a row, does the "backup" for the
last edit overwrite the prior entries?
3.  Or, does each edit operation simply back up the key being worked on?

Granted, one should not depend on the pubring.gpg~ file for long-term
backup.  But, since the file is generated, it would be nice to know at what
point it could be used to "rollback" a "transaction" (if I might invoke
database terminology).




-----Original Message-----
From: Neil Williams [mailto:linux at codehelp.co.uk]
Sent: Sunday, February 29, 2004 12:14 PM
On Sunday 29 February 2004 4:08 pm, Hasnain Mujtaba wrote:
> How does GPG backup its keyrings? Are the keyrings backed up before a key

That's left to you. Your public keys don't really need to be backed up - all
you need is the list of keyID's and a keyserver. Maybe stick them in a
database or just a simple text file. You should, obviously, have a secure
backup of your secret key AND a secure revocation certificate. Beyond that,
it's nice to have a backup of your trustdb and gpg.conf to save time.


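Added example (not part of the original messages and not GnuPG's own code): a shell script covering the backup items listed in the quoted reply, namely a text file identifying the public keys to refetch from a keyserver, the secret keys, the ownertrust values and gpg.conf. The function names, output file names and the sample listing are assumptions made for this example, full fingerprints are recorded instead of key IDs, and the revocation certificate is created separately with gpg --gen-revoke because that command prompts interactively.

```shell
#!/bin/sh
# Added example; function and file names are assumptions, not GnuPG's own.

# Constructed sample of `gpg --with-colons --fingerprint` output (not real keys).
SAMPLE_LISTING='tru::1:1078300000:0:3:1:5
pub:u:1024:17:1111222233334444:1078300000:::u:::scESC:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1111222233334444:
uid:u::::1078300000::0000::Alice Example <alice@example.org>:
sub:u:2048:16:9999888877776666:1078300000::::::e:
fpr:::::::::0000111122223333444455559999888877776666:
pub:f:1024:17:5555666677778888:1078300000:::-:::scESC:
fpr:::::::::1234123412341234123412345555666677778888:
uid:f::::1078300000::0000::Bob Example <bob@example.org>:'

# Read a colon-format listing on stdin and print one primary-key
# fingerprint per line. The fpr record that follows a "pub" record belongs
# to the primary key; fpr records that follow a "sub" record are skipped.
primary_fingerprints() {
  awk -F: '
    $1 == "pub" { want = 1; next }
    $1 == "sub" { want = 0; next }
    $1 == "fpr" && want { print $10; want = 0 }
  '
}

# Write the backup set into the directory given as $1. The body runs in a
# subshell so the umask and variables do not leak into the caller.
backup_gnupg() (
  dest=$1
  home=${GNUPGHOME:-$HOME/.gnupg}
  umask 077                      # files readable by the owner only
  mkdir -p "$dest" || exit 1
  # Public keys: only the fingerprints, to refetch later with --recv-keys.
  gpg --batch --with-colons --fingerprint | primary_fingerprints \
    > "$dest/public-keys.txt" || exit 1
  # Secret keys: still passphrase-protected, but keep this file offline.
  gpg --armor --export-secret-keys > "$dest/secret-keys.asc" || exit 1
  # Trust database: exported as ownertrust values (--import-ownertrust restores).
  gpg --export-ownertrust > "$dest/ownertrust.txt" || exit 1
  if [ -f "$home/gpg.conf" ]; then
    cp "$home/gpg.conf" "$dest/gpg.conf" || exit 1
  fi
)
```

Call backup_gnupg with a directory on encrypted or offline media; the constructed sample can be piped through primary_fingerprints to see the list format without touching a real keyring.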