Backing up Private Keys

Robert J. Hansen rjh at
Tue Apr 16 05:15:19 CEST 2013

On 4/15/2013 9:21 PM, Henry Hertz Hobbit wrote:
> 3. Copy the files recursively from ~/.gnupg to /win/e/gnupg for the
> windows side of that machine.  I always have a FAT32 E: partition for
> copying files.  Those files and folders are copied in AS IS.  I have
> never had proglems. Mixed 32 / 64 or BE / LE?  Start exporting and
> importing.  It is the ONLY way you will get it done.  Remember you
> need the trustdb unless you want to import and give trust levels
> again.

This is not correct.

GnuPG keyrings are just a stream of OpenPGP octets in a format that
conforms to an OpenPGP message.  Since RFC4880 fully specifies things
like how to handle endianness and whatnot, GnuPG keyrings are
architecture- and endianness-agnostic.

(And yes, I have migrated .gnupg folders between 32- and 64-bit systems,
including from 64-bit PowerPC UNIX to a 32-bit Wintel environment -- the
trifecta of OS, architecture and endianness all changing.  Zero problems.)

> 4. zip up a copy using 7zip's AES128 with a sufficent password for a
> modicum of protection.

Why?  The private certificates are already secured with AES.

More information about the Gnupg-users mailing list