Why a full keys and sub keys backup are not proposed when keys and sub keys are done "on-card" ?

tux.tsndcb at free.fr tux.tsndcb at free.fr
Sun Sep 27 20:59:29 CEST 2009

Hi Werner,

Thanks for your answer, I'm agree with you for sign key, but for the authentication key, if it's used to ssh server connection on more than 100 servers for the user root for example, if you lost this key, you cannot more connect on server with the user root. In this case, I think it will be a big problematic. It's for that than I suggested to add the authentication key, but it's just a suggestion.

Best Regards

----- Mail Original -----
De: "Werner Koch" <wk at gnupg.org>
À: "tux tsndcb" <tux.tsndcb at free.fr>
Cc: gnupg-users at gnupg.org
Envoyé: Dimanche 27 Septembre 2009 13h09:36 GMT +01:00 Amsterdam / Berlin / Berne / Rome / Stockholm / Vienne
Objet: Re: Why a full keys and sub keys backup are not proposed when keys and sub keys are done "on-card" ?

On Sun, 27 Sep 2009 09:38, tux.tsndcb at free.fr said:

> Just for information, I wanted to known why you don't propose a full backup of the three keys (Sign, encryption and authentication) when keys are generated "on-card". Because only encryption key is backupted, a good idea will be perhaps to add also authentication key in the backup.

A lost of a signing or authentication key is usually not that
problematic.  You can simply create a new one and use it from then on.

If you don't have access to the decryption key anymore you won't be
able to decrypt any of the data you decrypted in the past to that key.
Thus some kind of recovery is in most cases very useful.



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-users mailing list