I would recommend that you don't do that. What if you lose the drive? Then your private key is compromised. Do you have a revocation certificate in a safe location? If not, you can't even tell anyone that your private key has been compromised! Not good!
The OpenPGP smartcard is a much safer option, since it will not give up the private key (even if you have the password), and will lock itself after 3 incorrect password attempts. (And after 3 incorrect Admin PIN attempts, it will destroy itself, which is pretty inconvenient for someone trying to steal your key.) Compare this to a pen drive that will let anyone copy off the secret key and guess the passphrase on their friendly local supercomputer cluster. The other advantage is that if your card gets stolen, you *know* that it's been stolen. If you have your key lying around in your homedir somewhere, someone could just make a copy of it, and you'd never know. With the OpenPGP card, if it's not in your hand, you can consider it stolen. For $20, you can't go wrong. Get an OpenPGP card and be happy :) http://www.kernelconcepts.de/products/security-en.shtml Regards, Jonathan Rockway Ismael Valladolid Torres wrote: > John Clizbe escribe: > >> Just copy the keyring files. >> > > I store my private keyring and a public keyring containing only my > public key on a pendrive, then in your gpg.conf: > > keyring /path/to/pendrive/pubring.gpg > secret-keyring /path/to/pendrive/secring.gpg > > Using several different computers it works like a charm. > > Cordially, Ismael >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
