new helper program for configuration import / export

Hauke Laging mailinglisten at hauke-laging.de
Sun Oct 19 15:32:36 CEST 2014


Am So 19.10.2014, 13:26:55 schrieb Peter Lebbing:

> > a) save the complete configuration (optionally protexted with a
> > passphrase) to a single file

> I'm not sure how you envision this, but wouldn't it be much easier,
> and sufficient, to have a prompt on startup that read:
> 
> ***WARNING*** Make sure all your secret keys are protected by an
> adequate password before making a backup. Are you sure you wish to
> proceed? [y/N]

I am quite sure that this is the opposite of easier. Why?

a) Because you have to change the passphrase of each secret key.

b) Because you have to change them back after exporting.

c) Because "make sure" is generally a bad idea for a certain group of 
users – at which this tool is targeted.


> Or do that in the manual

See (c)...


> I think it might boil down to a simple file copy excluding some
> unwanted files, and including everything else.

I was rather thinking of a whitelist (excluding e.g. editor backup 
files).


> Also remeber that the
> keybox format is different between GnuPG versions (secring.gpg vs.
> private-keys-v1.d)

I must admit that I didn't know that. I hardly use 1.4.x.

What does that mean? Can 1.4.x and 2.0.x not operate on the same secret 
key ring? Is it converted automatically (in which direction)? I guess 
this problem does not affect exporting secret keys.

Maybe you have a pointer for this problem.


Hauke
-- 
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20141019/89367c3c/attachment.sig>


More information about the Gnupg-users mailing list