Fwd: Backup of private key
Brian O'Kennedy
brokenn at gmail.com
Wed Nov 25 22:19:03 CET 2009
So this implies that I could safely upload my ascii-armored private key to
an email server without fear (assuming of course that my passphrase is
secure and large). What symmetric encryption is typically used on the key
itself? I'm assuming that this level of encryption is secure enough to not
worry about it being broken?
Thanks for the tip and welcome :)
brian
2009/11/25 Robert J. Hansen <rjh at sixdemonbag.org>
Brian O'Kennedy wrote:
> > This is a complete n00b question, but I still need to get an opinion on
> > this.
>
> We were all new once. :) Welcome to the list!
>
> > All of these make sense to me, but aren't compatible with my ability to
> > lose physical things. So, what would the risks be of me using
> > symmetrical encryption with a long passphrase to encrypt my private key,
> > and storing that in an online email account (gmail/yahoo/etc)? If we
> > consider the symmetric encryption to be (practically) unbreakable, is
> > this safe?
>
> The good news is your private key is already encrypted with a symmetric
> cipher. The passphrase you type to use your key is really the
> passphrase needed to decrypt it.
>
> If you are sure that no one will ever guess your passphrase, then you
> could safely publish your private key in the _New York Times_. That
> would be a really extreme case, but you could do it.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20091125/fc887a6e/attachment.htm>
More information about the Gnupg-users
mailing list