> It looks like I've imported a pub/sec keypair now. Should I remove > the public key for security? Maybe I misunderstood from the beginning > and having both keys on the same system isn't a security issue? > > - Grant >
It is still a security issue, but only as much as any other data on your machine. Physical access to the box, or being remotely hacked will always be a security risk. And yes, if someone does break in and copy your pub/sec keypair, they will have full ability to masquerade as you in signed and encrypted emails. You have to weigh it up for yourself really. Many, many keep pub/sec keypairs for their email on more than one machine. Of course it would be a lot of work for someone to compromise your system for your gpg keys, so your email would have to be of value to them. Just my $0.02 Matt