On Tue, Feb 04, 2014 at 04:18:32PM PST, Tom Perrine spake thusly: > Where do you store your GPG keyring? Personal or business laptop? Home > or other server? USB or other removable media? In the cloud?
Personal workstation under my physical control (on which I am typing this GPG signed email). Sure, a USB stick offline would be safer but encryption buys you absolutely nothing if it is so inconvenient you never use it. I've been GPG signing my emails for years. Don't know if anyone has ever checked the signature but at least I give them the opportunity. > And more importantly, how did you decide where to keep your keyring? Convenience. Make sure you have a good passphrase on your private key. > At the moment, I keep my keyring on my laptop (with a backup > elsewhere). The machine itself has whole disk encryption, and then > there's the login password, and then keyring passphrase. All the > passwords (phrases) are of a more than usual length and complexity. I That all sounds like a good setup to me. > think I've got a pretty good handle on this, but I know some folks who > keep their keyrings on USB drives (often encrypted), and only plug > them in when needed. Unnecessary IMHO. You should be signing as often as possible which means the USB drive is needed frequently at which point you may as well just keep it on the laptop. -- Tracy Reed _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
