-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'll be embarrassed to say that I hadn't really given much thought to the security of my secret keyring, with PGP/GPG....until now.
In the early days, I used to use it alot...until that computer died...so I have no way to use that key nor revoke it. Though things were simpler then....didn't have Internet connectivity....did this thing called UUCP over dialup (and had phone bills that ran around $1000-1500 a month.) But, then a few years ago, I created a GPG key for my work email address...because the SSL administrator wanted one, before they would email me the SSL cert and key that I was to relay to our email hosting provider. (which they had me upload unencrypted into my email account briefcase, well it was by https to webmail, but I had to accept the self-signed cert....because they needed to get the proper cert from me first.... They could then get it out of my briefcase with their admin account.) Also that GPG key wasn't signed (at the time) and no verifications were made in either direction. That key lives on my work computers, and I used to keep a backup on a USB key that I used to carry around....its now encrypted with a different product and stored in the cloud (along with a pre-generated revocation key.) Though I have thought about wanting to find software to encrypt and manage many different keys, and such (needs to work on FreeBSD, Linux and Mac at least...) I had later created a personal GPG key....the intent was to have something to show up to a GPG key signing party with....but due to a conflicting BoF, it didn't happen.... So, I played out the post-keysign-party signing between my work and my home keys. :) OTOH, I did get assured for CAcert....keep forgetting to try to get to do assurances. Meanwhile....at work were all required to get InCommon personal certs....which did involve an identity verification process....strange proving to a co-worker of a few years that I'm really who I claim to be...but nothing as rigorous as was done with CAcert. The same two pieces of ID, that wasn't sufficient to get a full 35 points was sufficient for one person to assure me at work...who is both the central approval officer and our department approval officer, and no other department has a department level person at this time. As part of two-factor authentication for PCI systems administration. Or for email signing....not encryption. Even though they can't control how its generated as dual-use. Currently, OWA doesn't like S/MIME signed emails, have to use a client to read those messages....so probably won't be putting the key into the cloud. Zimbra could do it, but we didn't enable the feature....after all the complaining our CISO made about wanting us to upgrade to a version of Zimbra that would support it. Thinking I should have somewhere to keep the key secure, somewhere to save my revocation password, etc. Which is why I had been wondering about a tool or solution for managing S/MIME and GPG keys. Hmmm, guess I'll need to turn on encryption on my MacBookAir (unless there's something where I don't have to encrypt everything).... VPN client supports Mac and Windows....but not FreeBSD (or debian), and I haven't heard anything good about the RPM. On 02/06/14 14:32, Rob Jenson wrote: > On 2/4/14 7:18 PM, Tom Perrine wrote: >> I know where I keep mine, but I'm not sure I've been paranoid >> enough the past few years :-) > > I'm surprised that there has been no talk on this subject yet. > Perhaps everyone with an opinion on the subject is too paranoid to > reveal their key storage process? :-/ > >> Where do you store your GPG keyring? Personal or business laptop? >> Home or other server? USB or other removable media? In the >> cloud? > > I presume that you mean your GPG secret keyring. Your public > keyring is less sensitive, unless you are worried about someone > knowing what keys you might use, or if you have unpublished public > keys.[1] > > Never in "The Cloud." I'd be very reluctant to store my secret > keyring on network-shared media, let alone in a cloud controlled by > anyone else, no matter how secure they swore that it is. > > Mine is on the laptop that accompanies me almost everywhere I go. > The laptop belongs to my employer, although in the event of a > separation I am confident that they will grant me the opportunity > to clean off my personal data before turning it in.[2] > >> And more importantly, how did you decide where to keep your >> keyring? > > Inertia/convenience mostly. Some assessment of what the > consequences of my key being compromised are. It is a lot of work > to "do it right" and at present, the cost of my key being > compromised[3] is relatively low. Other than the validity of my > signatures on other people's keys, and the signatures on my email, > I don't think I've encrypted many messages that will cause murder > and mayhem if decrypted. > > I like the idea of storing the secret key material on a > password-protected, encrypted USB key, but I think the risk, for > me personally, of losing the key is considerably higher than the > other risks of compromise.[4] > > The tradeoff is that I'd like to be able to sign email messages > when I need to without going through a special dance to install and > activate the external media, which would either slow me down, or > discourage me from signing messages. Also, when receiving an > encrypted message I'd have to go through the dance to decrypt the > message. > >> At the moment, I keep my keyring on my laptop (with a backup >> elsewhere). The machine itself has whole disk encryption, and >> then there's the login password, and then keyring passphrase. >> All the passwords (phrases) are of a more than usual length and >> complexity. I think I've got a pretty good handle on this, but I >> know some folks who keep their keyrings on USB drives (often >> encrypted), and only plug them in when needed. >> >> So, anyone want to share? Am I paranoid enough, or too much? > > It does depend on your threat model, and the cost of compromise of > the keys in the keyring. For a code-signing key for software > distributions, I would use a non-networked computer with a > read-only operating system, store the secret keyring on an > encrypted, password-protected device that otherwise lives in a safe > or safety-deposit box. Yes, it would be a PITA to generate a > signature for every new release, especially if they were frequent, > but this warrants some extra pain. > > Some PGP users have a "low security" or "everyday use" key and then > a "high security" key. The high security key would be used for > generating signatures and receipt of very sensitive encrypted data, > and would be stored and used with a greater level of precaution > than the everyday use key for signing and decrypting routine email > messages. > > _rob_ > > [1] So there is (very?) small additional risk to publishing a > public key where anyone can get it: it is much harder to attempt a > cryptanalysis attack against a keypair if you don't have the public > key. As with most things, it is a balancing act between usability > and security. A published key makes it easier for someone to > communicate with you without previous contact, based on the WoT of > key signatures or sheer necessity (When the message is "Dude, your > server is hacked and attacking our network" I am inclined to forego > the usual precautions of identity validation before encrypting to a > key). If you are storing in your public keyring someone else's keys > that should not be published, then maybe treating both keyrings > equally is appropriate. > > [2] The more worrisome scenario would be if the laptop is lost or > stolen or out of my control for an extended period of time due to > unplanned hospitalization, for example. I haven't given any thought > to the "I'm completely dead" scenario. > > [3] Presuming that I am aware of the compromise. If my laptop was > compromised, a copy of the keyring was made, and a keystroke > logger installed that captured my passphrase, then I am "attached > by an inclined plane wrapped helically around an axis." > > [4] If I had a USB key that would only unlock in contact with my > thumbprint, and self-destruct if it was not unlocked after 30 days > or so, that would be a good solution. > > > > _______________________________________________ Discuss mailing > list [email protected] > https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list > provided by the League of Professional System Administrators > http://lopsa.org/ > - -- Who: Lawrence K. Chen, P.Eng. - W0LKC - Sr. Unix Systems Administrator For: Enterprise Server Technologies (EST) -- & SafeZone Ally -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTDnzuAAoJEAgfwL3NZxyS6awIAJpcZSiORtzdo+NHmPh9HxKG 0pXUp47e+8VzUTxhAGeJ9SF/7YCsMlar3I0y8zmbXuId7+N6CD8ISEWyCYFcLeGH kblRH195Fc6ZmyEbEMmq6dFi/mP5kaJxHImcABPYyEb6n6L/kA3Yee3kTBITb3ku WIsQRxBUKWJ4uK40soWnuVIePluJdyWgTONlKeFt/D5Rnx9XiEnCX/GjRYBQJMZd CP71laAvcKdiVhqZkipmWam8I2Pjjcw88Qq/lsU5QOkrSkyPbt/HCh8uvssf14DG 4WPii70Km/5shvH+FQ7q0p7sk72ogv9KUK3t2XzniK9/3x9tyjfvZhk1zw4pT80= =WCBN -----END PGP SIGNATURE----- _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
