Fresh OS installation

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Nov 18 22:04:41 CET 2016


On Thu 2016-11-17 16:28:28 -0500, Robert J. Hansen wrote:
>> What is the best way to use my keys and settings I've already configured
> on
>> my old OS? Do I back things up, or make a copy from the config. file?
>
> Good question: there really isn't a good, standardized way to do this.
> There are three different branches of GnuPG that are in common use (1.4,
> 2.0, 2.1), and it's possible that your old keys were set up on 1.4, your new
> machine will be a 2.1 install, and so on.
>
> The easiest way will not necessarily be the best way.  It will probably be
> good enough for your purposes.
>
> On your old machine:
>
> 	$ cd ~
> 	$ tar cf gnupg-backup.tar .gnupg/
>
> Copy the tarfile to your new installation.  Place it in your home directory.
> Then, on your new machine:
>
> 	$ cd ~
> 	$ rm -rf .gnupg
> 	$ tar xf ./gnupg-backup.tar
> 	$ rm -f .gnupg/random_seed
> 	$ gpg --list-secret-keys
> 	$ gpg --list-keys
>
> If you can list your secret keys and public keys OK, then you're probably
> good to go.  Let us know if you have any problems.

Please be aware that if you take Robert's advice above, and your home
directory is world-readable, then other accounts on the system will be
able to read gnupg-backup.tar, which means they'll be able to get a copy
of any secret information happens to be there.

If that's a problem for you, you might want to set the umask to 077
("umask 077") before the initial "tar cf", and ensure that the
permissions on the file in your new directory are similarly restricted
(theehy should not be readable by "group" or "other".

        --dkg



More information about the Gnupg-users mailing list