Keyring on external encrypted drive
Pete Stephenson
pete at heypete.com
Wed May 22 12:49:31 CEST 2013
On Wed, May 22, 2013 at 10:59 AM, Zece Anonimescu <zece at riseup.net> wrote:
> Hey fellas!
>
> For the sake of portability I was reading about keeping the keyring on a
> removable drive. I searched online but I get other things. Is it
> possible to have the keys some other place? How do I tell GnuPG on some
> other computer that it should look on the drive, but not copy or move
> the contents?
Depending on your exact needs, you may find an OpenPGP smartcard to be
a better choice -- once the private key or keys are loaded onto the
card you can do all the normal operations (e.g. signing, decrypting,
etc.), but the keys cannot be extracted from the card (barring bad
guys with advanced means of disassembling microchips and reading out
their contents). All the private key operations are conducted on-card
and the keys never leave the card. If you need to, you can delete the
keys from the card but you can't access or copy them from the card.
See http://g10code.com/p-card.html for a description of the card. You
can buy it and the appropriate reader from
http://shop.kernelconcepts.de/index.php?cPath=1_26&sort=2a&language=en
. I've had good luck with the SCR-335 reader on both Windows and
several Linux distributions.
--
Pete Stephenson
More information about the Gnupg-users
mailing list