Backup of Keys

Felix Finch felix at
Sun May 24 16:05:39 CEST 2020

On 20200524, Damien Goutte-Gattat via Gnupg-users wrote:
>On Sat, May 23, 2020 at 09:35:54PM -0700, Mark wrote:
>>I'm trying to figure out which files I need to backup to safeguard 
>>my keys.
>Everything that needs to be saved is in GnuPG’s home directory, which 
>on Windows should be `C:\Documents and Settings\<username>\Application 
>Data\gnupg`. In that folder you should save:
>* the private keys (in the `private-keys-v1.d` subfolder;
>* the public keys (the `pubring.kbx` file);
>* the trust data (the `trustdb.gpg` file, plus the `tofu.db` file of 
>you are using the TOFU trust model);
>* any configuration file (`*.conf`);
>* if you are using GpgSM, the `policies.txt` and `trustlist.txt` files.

Out of curiosity ... how safe are these files as is, assuming the private key file has a good strong passphrase?  If they are backed up on a USB stick which gets lost and found by someone else, or stolen, how much damage can be done?  How hard is it to crack a good passphrase?  I realize that's kind of a loose question, and "strong passphrase" doesn't help.

            ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._.
     Felix Finch: scarecrow repairman & wood chipper / felix at
  GPG = E987 4493 C860 246C 3B1E  6477 7838 76E9 182E 8151 ITAR license #4933
I've found a solution to Fermat's Last Theorem but I see I've run out of room o

More information about the Gnupg-users mailing list