how to get private key
hlmuller at yahoo.com
Thu Jul 3 20:59:43 CEST 2008
It's highly unlikely that an individual would be capable of stealing a secret key and using it to decrypt messages. A large corporation or government, maybe. Make your passphrases complex.
I'm a little cautious myself with my secret keys, so I use two hardware based approaches to ease my paranoia:
1. I use an openpgp card to keep my normal signing and encryption subkeys secure.
2. I keep my main secret key on a usb flash drive, along with backups of my secret subkeys, and public keys.
These are useful resources for further reading:
----- Original Message ----
> From: "Afzal, Naeem M" <naeem.m.afzal at intel.com>
> To: "gnupg-users at gnupg.org" <gnupg-users at gnupg.org>
> Sent: Thursday, July 3, 2008 1:36:48 PM
> Subject: how to get private key
> I have general question regarding private key security.
> If a user creates its private public key pair by using some passphrase on a
> system. Can this pair be taken to a different system and decrypt files that were
> generated using its public key? My guess is no, but needed to confirm with you
> guys. If it is possible, then how it will be done, any command to list private
> key etc. Also how can we protect where no one can steel this private key from a
> system other than restricting users access to the system?
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
More information about the Gnupg-users