Using GPG for reading email in VPS
SK
sk.list at gmail.com
Fri Jul 26 11:33:54 CEST 2013
Hi,
I am considering uploading my keyring to a VPS I own to read emails in it
using mutt. So far I used to do this in my local desktop/laptop but "cloud"
VPS provides some flexibility that I like.
In such a context does anybody have any opinion on the security of the
setup? My worry is that by uploading my private key to the VPS I am
weakening the first line of defense - physical access to the private key. I
do realise that a secure passphrase is the ultimate defense but what about
access to the private key itself?
In this context is there any best practices? I was thinking creating a new
signing subkey and removing the master private key from keyring that I want
to upload to the VPS. That way I might limit the damage to the subkey alone
while keeping the master key a bit more secure?
Any thoughts?
SK
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20130726/75b40906/attachment.html>
More information about the Gnupg-users
mailing list