Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Managing PGP keys on multiple machines



On Mon, May 19, 2008 at 5:39 PM, Curt Sampson <cjs@example.com> wrote:
> On 2008-05-19 16:37 +0900 (Mon), Mike Mazur wrote:

/../

>> I would also like to send signed emails from my laptop. I could simply
>> transfer the private key from my desktop to my laptop. But what if I
>> lose my laptop? Since an attacker will have physical access to the disk,
>> will the passphrase be sufficient to maintain my secret key?
>
> It depends on the strength of the passphrase.
>
> However, if you're toting around a laptop, you really ought to be using
> full disk encryption /../
>
> You might also consider keeping your key on separate media /../

You can also cover the future a bit better if you make a retraction
certificate at the time you create your key. Keep that certificate in
a safe place. That allows you to at least invalidate the key for
public use if you think it may be compromised (Yes, that won't protect
your laptop files encrypted with it if the attacker does manage to get
to them).

Gernot


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links