backing up keys etc

Lawrence Chin kurtc1972 at gmail.com
Sun Sep 28 02:38:47 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Okay, thanks for the excellent help, Faramir and Kara. Let me see if I
got this right.

(1) It turns out that I got a revocation certificate made long time ago
for the current key I'm using (8e758d5f) with the file name
"kurtc1972 at gmail.com (0x8e758d5f) rev.asc" and saved on a CD. So, if I
need to revoke this public key in the future, I just upload it to the
keyserver?

(2) So I used OpenPGP key management, "file" -> "export key to file" to
export both the public and secret part of all my 4 keys to the same CD.
When I opened the asc file of each of these 4 keys, I can see that each
file consists of a public key block and a private key block. Now, if my
computer ever crushes and I have to start everything over again, like
downloading GNUPG and Enigmail again, do I just upload these 4 asc files
and thus regain my keys again? Is this what is known as "back up"?

(3) So I generated a revocation certificate for the older, first
experimental key for this kurtc account of mine, which I never seemed to
have uploaded to a keyserver. Here is the log:

- --------------------------------------------------------------------
Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\ms paradise.msparadise-PC>cd c:\program files\gnu\gnupg

c:\Program Files\GNU\GnuPG>gpg --gen-revoke 0x480a7928

sec  1024D/480A7928 2008-06-04 kurtc1972 <kurtc1972 at gmail.com>

Create a revocation certificate for this key? (y/N) y
Please select the reason for the revocation:
  0 = No reason specified
  1 = Key has been compromised
  2 = Key is superseded
  3 = Key is no longer used
  Q = Cancel
(Probably you want to select 1 here)
Your decision? 2
Enter an optional description; end it with an empty line:
> first testing key for this dummie email account of mine for learning gpg
>
Reason for revocation: Key is superseded
first testing key for this dummie email account of mine for learning gpg
Is this okay? (y/N) y

You need a passphrase to unlock the secret key for
user: "kurtc1972 <kurtc1972 at gmail.com>"
1024-bit DSA key, ID 480A7928, created 2008-06-04

gpg: Invalid passphrase; please try again ...

You need a passphrase to unlock the secret key for
user: "kurtc1972 <kurtc1972 at gmail.com>"
1024-bit DSA key, ID 480A7928, created 2008-06-04

gpg: Invalid passphrase; please try again ...

You need a passphrase to unlock the secret key for
user: "kurtc1972 <kurtc1972 at gmail.com>"
1024-bit DSA key, ID 480A7928, created 2008-06-04


c:\Program Files\GNU\GnuPG>
- ---------------------------------------------------------------
I typed in the correct passphrase at my third try. Now, where can I find
this revocation certificate? I don't even know the file name!!!

Thanks!!

Hopefully soon I'll get out of my newbie status and become able to help
someone too!

Lawrence

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkje0hcACgkQE7PX/Y51jV8NFQCfaUjc24xUkV6tog/WxqjH4UZ0
opQAoNN7J2oVZu3PEpPrHiVycEVOSq7F
=HkhB
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list