Robert J. Hansen rjh at
Tue Oct 2 21:10:50 CEST 2012

On 10/2/12 4:23 AM, Ilias el Matani wrote:
> I would like to know why, there is no 'security' when you making a
> Backup of the keys via the GNU Privacy Assistant - Key Manager.

There is.

> It's possible when you have physical access to the system, to export
> also the private key. Why don't we protect this?

We do.

Your private certificate is encrypted with a strong algorithm.  Your
passphrase is the decryption key.  If you have a strong passphrase on
your certificate, you could publish the private certificate in the _New
York Times_ and be completely confident of its security.

If you're concerned about people gaining access to your private key, put
a strong passphrase on it.

More information about the Gnupg-users mailing list