How to protect private keys?
Robert J. Hansen
rjh at sixdemonbag.org
Fri Apr 13 05:50:11 CEST 2007
> to export private keys, without need to enter passphrase. This is very
> dangerous to a multi-user computer.
Clearly, you don't trust the computer you share with other users. So
why, exactly, are you running GnuPG on it?
Running GnuPG on a computer you don't trust is folly. If you don't
have physical security over the machine, there is no possibility of
electronic security in your communications.
Beware of all other answers you receive to this question. Before you
try to fix the "GnuPG problem", fix the much bigger and more pressing
problem about how you're trying to run security-critical software on
a computer you don't physically control.
More information about the Gnupg-users