Configuration for offline usage - best practice tips?
jc.gnupg18a at unser.net
Fri Feb 23 23:08:20 CET 2018
On Sat, Feb 17, 2018 at 11:15:57PM -0500, Daniel Kahn Gillmor wrote:
>On Thu 2018-02-15 21:33:05 +0100, Juergen Christoffel wrote:
>> I'm looking for best practice tips for offline usage of GnuPG. [...]
>GnuPG's defaults should be fine for the common, simple backup case.
>However, i note that you're talking about "today's public key" -- that
>suggests that you're imagining a regularly-updated key that your backup
>tooling will know about. This is in some sense antithetical to "offline
>usage" -- how will the backup scripts learn about the new keys if they
>can't go online to fetch them?
Thanks for the feedback and sorry for the delayed answer, I've been on a
>It sounds like you're proposing an OpenPGP primary key that has a series
>of relatively short-lived, expiring encryption-capable subkeys. Is that
Yes, that's what I plan to do, generate a subkey for each month in advance
and use this to encrypt my backups.
And it seems that I shouldn't have used the term "offline usage" without a
better spec what I ment. So: GnuPG tips for communications use state that I
should do this or don't configure that in order to keep my keys compatible
with potential recipients. That's what I consider "online" use, while I use
"offline" to say that I don't intend to share encrypted stuff with external
parties, so I have no need for potential limitations
>For further clarity, it'd be useful to understand what you see as the
>goal of key rotation here. Do you plan on deleting older secret
>subkeys? if so, how will you recover backups that were encrypted to the
Backups are done from a rented root server to a rented storage server in
"the cloud" and I want to lessen the impact of a potential compromise of
these keys. That is, if I have to restore certain files from a backup, and
the machine where the decryption happens might be compromised, I don't want
all backups to be compromised in a single step.
>But for backups, this is a slightly more complicated story. It
>certainly can be useful if you want to be able to robustly *destroy*
>backups that might be stored on servers that you don't have full control
>over. That is: encrypt the backup to public key X, send the encrypted
>copy to "the cloud", and then when you're sure you don't need it any
>more, delete the secret key corresponding to X to ensure that it's not
>recoverable. But most people have a hard time just getting their
>backups to happen on a reasonable schedule, and don't have a reliable
>schedule for backup destruction. Do you have such a plan? Or do you
>envision some other reason for the proposed key rotation?
The backup plan is in place and uses rotating backups, so older backups
expire anyway after some time.
Thanks for your detailed suggestions, I'll rethink my plans with them in
Doctorow's Law: Anytime someone puts a lock on something you own, against
your wishes, and doesn't give you the key, they're not doing it for your
More information about the Gnupg-users