On 19/10/14 00:56, Hauke Laging wrote: > [...] having secring.gpg with > rather weak passphrases on a cleartext backup volume)
> a) save the complete configuration (optionally protexted with a > passphrase) to a single file > > gpg-backup --with-passphrase --save /path/to/targetfile I'm not sure how you envision this, but wouldn't it be much easier, and sufficient, to have a prompt on startup that read: ***WARNING*** Make sure all your secret keys are protected by an adequate password before making a backup. Are you sure you wish to proceed? [y/N] Something in that vein. Maybe even more verbose, explaining that the password is enough to get the key from the backup. Or do that in the manual or something like that. I think it might boil down to a simple file copy excluding some unwanted files, and including everything else. Also remeber that the keybox format is different between GnuPG versions (secring.gpg vs. private-keys-v1.d); this suggests an "include everything except these specific files" approach to me. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
