With the posts of backing up files and anonymous private keys it got me
thinking. Is there a mechanism in place that protects (encrypts) a
public keyring? They can be thought of as sort of an address book or
contact list and with some mail providers encrypting contacts I wondered
if such a thing ex
On 2020-05-24 at 00:14 -0400, Robert J. Hansen wrote:
> > I see a big hole in the validation part. The steps providex are
> > validating the offline identity but not matching it to the certificate
> > uid.
>
> Correct, and that's by design.
>
> There is no -- *NO* -- generally understood meaning
I forgot to mention there are 2 files in that gnupg directory that I'm
not sure the purpose of. I know private keys are stored in a directory
called private-keys-v1.d and public keys are stored in pubring.kbx. I do
have a file called PAPubring.gpg and PAsecring.gpg. They are only 111
and 113 bytes
Sorry misspoke.. I should've said put those files you listed in an
encrypted archive. I will grab Sherpa later and see how it works.
Thanks
On 5/24/2020 12:57 PM, Robert J. Hansen wrote:
>> I was thinking along the lines of backing up that entire directory into
>> an encrypted 7z file and then j
> I was thinking along the lines of backing up that entire directory into
> an encrypted 7z file and then just having to remember the password to
> that archive. I know there are other options maybe even some that use
> biometrics to decrypt the database.
Don't. GnuPG puts things in that director
I was thinking along the lines of backing up that entire directory into
an encrypted 7z file and then just having to remember the password to
that archive. I know there are other options maybe even some that use
biometrics to decrypt the database.
On 5/24/2020 10:23 AM, Peter Lebbing wrote:
> On 2
Good point, unless you can use some other passwordless authentication.
On 5/24/2020 10:44 AM, Felix Finch wrote:
> On 20200524, Mark wrote:
>> I think that could be addressed if all those files and directories are
>> stored within an encrypted archive (whatever your favorite is)
&g
On 2020-05-23 at 03:42 -0400, Cyrus Segura via Gnupg-users wrote:
> Hi everyone,
>
>
> I'm new to GnuPG. I'm trying to install it for MacOSX, and I have a
> beginner's question.
>
>
> ***Do I need to verify more information about the validity of GnuPG
> if:
>
>
> 1.) The SHA-256 checksum on m
On 20200524, Mark wrote:
I think that could be addressed if all those files and directories are
stored within an encrypted archive (whatever your favorite is)
Yes, but then that needs a passphrase, and so on. I'm trying to cut back on
how many I have to rem
On 20200524, Peter Lebbing wrote:
Hi,
On 24/05/2020 16:05, Felix Finch wrote:
Out of curiosity ... how safe are these files as is, assuming the
private key file has a good strong passphrase?
The safety of the private key purely depends on the strength of the
passphrase. Note that backups
On 24/05/2020 19:11, Mark wrote:
> I think if all the important files are stored in an encrypted
> container, they should be pretty secure.
Just watch out for the catch-22 of "I lost my hard drive, let me restore
from that encrypted container. Hmmm, my only backup of my private key is
inside a con
I think that could be addressed if all those files and directories are
stored within an encrypted archive (whatever your favorite is)
On 5/24/2020 7:05 AM, Felix Finch wrote:
> On 20200524, Damien Goutte-Gattat via Gnupg-users wrote:
>> On Sat, May 23, 2020 at 09:35:54PM -0700, M
Interesting points... I'm not sure I have all those files such as the
TOFU (have to actually read more about it). I think if all the
important files are stored in an encrypted container, they should be
pretty secure.
On 5/24/2020 9:16 AM, Peter Lebbing wrote:
> Hi,
>
> On 24/05/2020 16:05, Felix
> I have yet to try it but it sounds like a good idea. Does it run under
> Windows 10?
Let's see what I wrote:
>> The Windows MSI installer should still work, though.
Knock yourself out.
https://github.com/rjhansen/sherpa/releases/download/0.4.0/sherpa-0.4.0.msi
___
Thanks for all the tips on which files to backup and how to export to
for use in other apps (which is another thing I want to do later). MANY
years ago (mid 90s) I created some PGP keys with the old Norton PGP
program I was beta testing... Unfortunately those private keys are long
lost (several com
I have yet to try it but it sounds like a good idea. Does it run under
Windows 10?
On 5/24/2020 9:18 AM, Robert J. Hansen wrote:
>> But using Sherpa is probably a good bet.
> Good Lord, it's been a while since I wrote that. The Windows MSI
> installer should still work, though. If there's intere
On 24/05/2020 18:03, Peter Lebbing wrote:
>> % gpg -o public-keys.gpg --export
Oh! That is perhaps not good enough :-). You need
$ gpg --export-options export-local-sigs -o public-keys.gpg --export
so you don't lose any non-exportable signatures. There's also
--export-options backup, which impl
> But using Sherpa is probably a good bet.
Good Lord, it's been a while since I wrote that. The Windows MSI
installer should still work, though. If there's interest in other
formats, I'll see about updating it.
signature.asc
Description: OpenPGP digital signature
Hi,
On 24/05/2020 16:05, Felix Finch wrote:
> Out of curiosity ... how safe are these files as is, assuming the
> private key file has a good strong passphrase?
The safety of the private key purely depends on the strength of the
passphrase. Note that backups will have the passphrase that was set
On 24/05/2020 14:52, Damien Goutte-Gattat via Gnupg-users wrote:
> No, it’s not.
Absolutely not ;-)
> For the private and public keys however, instead of saving the files
> directly I’d recommend exporting them from GnuPG:
>
> % gpg -o private-keys.gpg --export-secret-keys
> % gpg -o public-keys
On 5/23/20 4:30 PM, Robert J. Hansen wrote:
I mean, this seems like 95% of what you want. You just want the
reference to an email address in step 4 removed?
If you can get the community to agree, I'm all in favor.
- All gpg operations (key generation, encryption, decryption) are
carried out
On 20200524, Damien Goutte-Gattat via Gnupg-users wrote:
On Sat, May 23, 2020 at 09:35:54PM -0700, Mark wrote:
I'm trying to figure out which files I need to backup to safeguard
my keys.
Everything that needs to be saved is in GnuPG’s home directory, which
on Windows should be `C:\Docu
On Sat, May 23, 2020 at 09:35:54PM -0700, Mark wrote:
I'm sure this is a pretty stupid question
No, it’s not.
I'm trying to figure out which files I need to backup to safeguard my
keys.
I’m assuming you are using GnuPG 2.2 on Windows here (based on your
User-Agent).
Everything that need
23 matches
Mail list logo