Re: [ubuntu-uk] Sharing PGP Keys
Hi, Only if your trust both computers. Preferably you are the sole user of both computers, ie your desktop at home, and your laptop. Although keeping your keys on a laptop will be a cause for concern, but may be a necessity. As far as I know your keys are kept in ~/.gnupg , so you would just have to copy that directory to get all your keys transfered. Ciarán -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Sharing PGP Keys
On Wed, 2009-01-21 at 08:54 +, Ciaran Mooney wrote: Hi, Only if your trust both computers. Preferably you are the sole user of both computers, ie your desktop at home, and your laptop. Although keeping your keys on a laptop will be a cause for concern, but may be a necessity. As far as I know your keys are kept in ~/.gnupg , so you would just have to copy that directory to get all your keys transfered. Ciarán Hello, You can export keys using the key manager (Applications-Accessories-Passwords and Encryption Keys). Once you have exported your entire key I think you can use that manager to import it onto your laptop. Joseph. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Sharing PGP Keys
Both computers are laptops, but I am the sole user for both. One is my personal laptop, the other is for work. If you hand the laptop back at any point then I would, scrub the hard drive thoroughly. But as long as you trust both computers then it should be fine. PGP is all about trust. Would I be better setting up a 'personal' key and a 'work' key (in you opinion)? It all depends on how much you come to rely on either key. If your work key becomes the de-facto key for authenticating yourself then it becomes more important to protect it. You can always revoke keys that you feel have been compromised by using the revocation certificate that you (should have) created when you generated the keys. As before if you trust both machines, and are paranoid about the whereabouts and programs on both, then the need for two keys becomes moot. That option only allows you to export your public key, so as I understand it I wouldn't be able to then use it on the second laptop to sign or encrypt? You want to encrypt with your public key, because only the private key will decrypt it. You want to sign files with your private key, because only the public key is available to everyone to authenticate the signature. If both machines are Linux based then copying ~/.gnupg should suffice. (I think...) Ciarán -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Sharing PGP Keys
On 21/01/09 10:24, Ciaran Mooney wrote: Both computers are laptops, but I am the sole user for both. One is my personal laptop, the other is for work. If you hand the laptop back at any point then I would, scrub the hard drive thoroughly. But as long as you trust both computers then it should be fine. PGP is all about trust. The other option is to have one GPG keypair but keep it on an encrypted USB key or something similar. That way you can mount the key when you start using the laptop and unmount it when you're done and you don't need to worry about leaving your keys lying around. You can symlink ~/.gpg to the directory on the key where your keypair is stored. Of course, if you lose the key or it gets stolen you'll still need to revoke the keypair, but it it's encrypted at least you're protected from casual snooping. -- Graham Binns | PGP Key: 4DAD18FA signature.asc Description: OpenPGP digital signature -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Sharing PGP Keys
Graham Binns wrote: On 21/01/09 10:24, Ciaran Mooney wrote: Both computers are laptops, but I am the sole user for both. One is my personal laptop, the other is for work. If you hand the laptop back at any point then I would, scrub the hard drive thoroughly. But as long as you trust both computers then it should be fine. PGP is all about trust. The other option is to have one GPG keypair but keep it on an encrypted USB key or something similar. That way you can mount the key when you start using the laptop and unmount it when you're done and you don't need to worry about leaving your keys lying around. You can symlink ~/.gpg to the directory on the key where your keypair is stored. Of course, if you lose the key or it gets stolen you'll still need to revoke the keypair, but it it's encrypted at least you're protected from casual snooping. I Like this idea. It looks similar to a page I found when googling this: https://wiki.kubuntu.org/UsbAuthentication It means I can add multiple identities to a single key, and carry that key around with me. Off to investigate! Cheers Steve -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Sharing PGP Keys
The other option is to have one GPG keypair but keep it on an encrypted USB key or something similar. That way you can mount the key when you start using the laptop and unmount it when you're done and you don't need to worry about leaving your keys lying around. You can symlink ~/.gpg to the directory on the key where your keypair is stored. Again I would only do this with computers you trust. The ultra-paranoid elf in my head says, whats stopping a hidden process on that computer copying the contents of all pen drives attached? Being encrypted would make no difference once it is mounted on the system. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Sharing PGP Keys
2009/1/21 Ciaran Mooney general.moo...@googlemail.com Hi, Only if your trust both computers. Preferably you are the sole user of both computers, ie your desktop at home, and your laptop. Although keeping your keys on a laptop will be a cause for concern, but may be a necessity. As far as I know your keys are kept in ~/.gnupg , so you would just have to copy that directory to get all your keys transfered. Ciarán -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/ Ciarán, Both computers are laptops, but I am the sole user for both. One is my personal laptop, the other is for work. Would I be better setting up a 'personal' key and a 'work' key (in you opinion)? -- Steve Garton sheepeatingtaz.co.uk -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Sharing PGP Keys
2009/1/21 Joseph Walton-Rivers webpig...@googlemail.com snip Hello, You can export keys using the key manager (Applications-Accessories-Passwords and Encryption Keys). Once you have exported your entire key I think you can use that manager to import it onto your laptop. Joseph. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/ Joseph, That option only allows you to export your public key, so as I understand it I wouldn't be able to then use it on the second laptop to sign or encrypt? -- Steve Garton sheepeatingtaz.co.uk -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Sharing PGP Keys
On 21/01/09 10:36, Ciaran Mooney wrote: Again I would only do this with computers you trust. The ultra-paranoid elf in my head says, whats stopping a hidden process on that computer copying the contents of all pen drives attached? Being encrypted would make no difference once it is mounted on the system. Which is why you should never use the same password for different systems. Indeed, you should never enter any vital password on any system that's not entirely under your control for exactly that reason. However, pragmatism occasionally has to win out over paranoia. For a gpg key - of which you can keep a master copy which you can then revoke at will - I think the risks are reasonable enough with this approach. Moreover, applying permissions carefully to the USB key and its contents will also help, unless said evil process is running as root, in which case all bets are off anyway. -- Graham Binns | PGP Key: 4DAD18FA signature.asc Description: OpenPGP digital signature -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Sharing PGP Keys
On Wed, 2009-01-21 at 10:18 +, Stephen Garton wrote: 2009/1/21 Joseph Walton-Rivers webpig...@googlemail.com snip Hello, You can export keys using the key manager (Applications-Accessories-Passwords and Encryption Keys). Once you have exported your entire key I think you can use that manager to import it onto your laptop. Joseph. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/ Joseph, That option only allows you to export your public key, so as I understand it I wouldn't be able to then use it on the second laptop to sign or encrypt? -- Steve Garton sheepeatingtaz.co.uk Hello Steve, If you double click on the key listed under my personal keys (or click it once and press the properties button) under the details tab there is the button, export complete key which will export the key as an asc file. Joseph. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/