Generating and storeing keys on usb pen
David Shaw
dshaw at jabberwocky.com
Mon Apr 23 19:46:22 CEST 2007
On Sun, Apr 22, 2007 at 01:42:37PM -0700, rocko wrote:
> I want to generate a new key pair, but i want to save it to
> a usb pen drive so i can keep it safe.
> I don't want any gpg keys stored on my laptop, in case it gets
> lost or stolen, the culprits won't have access to my gpg keys.
There is an incorrect assumption underneath this question. GPG keys
are stored on a usb drive in exactly the same format they are stored
on a laptop: encrypted. (Well, encrypted by default - if you didn't
explicitly remove the passphrase, they're encrypted).
My point is that storing the keys on a usb drive doesn't change
anything if the keys are lost. If someone steals your laptop, they
have the encrypted keys. If they steal your usb drive, they have the
encrypted keys. There is no difference. Either way you cut it, the
thief has an encrypted copy of your key. Unless the thief can figure
out your passphrase, the key is useless to him.
It's quite a bit easier to lose a usb drive than it is to lose a
laptop...
David
More information about the Gnupg-users
mailing list