Backing up your PGP key by hand

Lars Noodén lars.nooden at gmx.com
Thu May 5 09:44:23 CEST 2022


On 5/5/22 01:11, Jacob Bachmeyer wrote:
 > Lars Noodén via Gnupg-users wrote:
 >> A removable hard drive might be an option, if the storage time
 >> is less than a decade and there are decent storage conditions
 >> in regards to chemicals, temperature, humidity, and so on.  Flash
 >> memory seems to lose its charge rather quickly, measured in months.
 >
 > Write-once optical media is my preferred means of long-term backup for
 > nontrivial amounts of data,
[snip]

The number of years that the keys and the data they apply to will be
stored unpowered, offline will influence which storage medium is
acceptable for the task.

Old CD-R were short-lived garbage from my experience, but certain models
of recently made CD-R should last a while even under slightly
non-optimal storage conditions before they start flipping bits.
However, it's hard to know until it's too late.  And all bets are off
for bad storage conditions.  Now that the quality has improved, under
optimal storage conditions, they ought to retain data for decades:

https://www.canada.ca/en/conservation-institute/services/conservation-preservation-publications/canadian-conservation-institute-notes/longevity-recordable-cds-dvds.html

https://www.loc.gov/preservation/resources/rt/NIST_LC_OpticalDiscLongevity.pdf

Whether that bit flip hits anything important is another matter, but
they do add up over time and with enough of them they will eventually
hit something, worse if it hits something compressed.  I'm sure BtrFS or
OpenZFS might be relevant there.

Air pollution, temperature, light, and humidity are some of the factors
affecting the lifespan of the physical storage medium.

 > I have SD cards and USB sticks with data blocks last written
 > many years ago and still readable.  Granted, I have never used
 > low-end no-name
[snip]

And by reading them, they have powered up and refreshed the charge.  The
problem applies to such flash storage devices which have been left
unpowered for longer periods of time.  Again, it depends a bit on what
the planned retention period is for the keys and their data.

/Lars


