Re: pgp 2.6.3i vs pgp5i vs gnupgp
Drew Scott Daniels (2003-03-17 16:05:50 -0600) :
[...]
> I've decided to carry a disk around with my key and have GnuPG on
> all the various single user machines that I use.
For what it's worth: I've been concerned with the physical security of
the machines to which I have access, and I have followed a trend I had
heard of: a small (64 MB) USB storage device, on which I store my
private (and public too) keyrings, an entry in the appropriate
/etc/auto.removable file (autofs), and a symlink from
~/.gnupg/id_lolando to /mnt/auto/removable/usb-key/.../id_lolando.
Same for the public keyring, just in case.
It works flawlessly, and it allows me to have my GnuPG private key
on exactly zero machine, only on this USB key thing (don't worry, I
also have backups). I have recently added SSH to the same scheme.
Protects me from thieves, although not from trojaning. I assessed the
risks :-)
Oh, and also, when people see that black plastic thingy on my
keychain, I'm allowed to tell them that's my digital keys :-)
Roland.
PS: Total cost is ~ 30 EUR, an hour for the initial setup (including
errors), then 5 minutes for following setups on other machines.
--
Roland Mas
Just because you're dead doesn't mean they aren't still out to get you.
-- Virgil, in Ye Gods! (Tom Holt)
Reply to: