Keeping .gnupg folder in cloud

Robert J. Hansen rjh at
Thu Sep 18 18:04:37 CEST 2014

> couldn't it also be that the owner/admin of the cloud makes changes to
> the keyring? Like adding/removing keys. Dependent on the trust model
> (like trust-always) this could be a very bad idea... Or it could result
> in a DOS as the evil admin deleted the secret parts of some key pairs..

The biggest risk is the gpg.conf file, actually.  If the admin silently
adds another "encrypt-to" and you don't notice it, then you're totally

Like I have said -- there are a lot of files in .gnupg that probably
should not be hosted in the cloud.

More information about the Gnupg-users mailing list