Re: Configuration for offline usage - best practice tips?

2018-02-28 Thread Werner Koch 
On Fri, 23 Feb 2018 23:08, jc.gnupg...@unser.net said:

> Yes, that's what I plan to do, generate a subkey for each month in advance
> and use this to encrypt my backups.

That raises the question for us whether it will make sense to change

  --quick-add-key fpr [algo [usage [expire]]]

to add new parameter "creationdate" to make it easier to create keys for
future periods.  The parameter controlled batch key generation already
allows for this.

Background: gpg will not consider a future encryption subkey so that
keys for the next period can instantly be distributed.

> these keys. That is, if I have to restore certain files from a backup, and
> the machine where the decryption happens might be compromised, I don't want
> all backups to be compromised in a single step. 

You may also want to look into gpg-agent remote feature which is
designed to protect your private key during restore operations.  Here is
an older description:



You don't need to use smartcards and the extra socket is meanwhile by
default configured.


Salam-Shalom,

   Werner

-- 
#  Please read:  Daniel Ellsberg - The Doomsday Machine  #
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgpNME_4ysnZX.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Configuration for offline usage - best practice tips?

2018-02-23 Thread Juergen Christoffel 

On Sat, Feb 17, 2018 at 11:15:57PM -0500, Daniel Kahn Gillmor wrote:

On Thu 2018-02-15 21:33:05 +0100, Juergen Christoffel wrote:


I'm looking for best practice tips for offline usage of GnuPG. [...]

GnuPG's defaults should be fine for the common, simple backup case.

However, i note that you're talking about "today's public key" -- that
suggests that you're imagining a regularly-updated key that your backup
tooling will know about.  This is in some sense antithetical to "offline
usage" -- how will the backup scripts learn about the new keys if they
can't go online to fetch them?


Thanks for the feedback and sorry for the delayed answer, I've been on a
business trip.


It sounds like you're proposing an OpenPGP primary key that has a series
of relatively short-lived, expiring encryption-capable subkeys.  Is that
correct?


Yes, that's what I plan to do, generate a subkey for each month in advance
and use this to encrypt my backups.

And it seems that I shouldn't have used the term "offline usage" without a
better spec what I ment. So: GnuPG tips for communications use state that I
should do this or don't configure that in order to keep my keys compatible
with potential recipients. That's what I consider "online" use, while I use
"offline" to say that I don't intend to share encrypted stuff with external
parties, so I have no need for potential limitations


For further clarity, it'd be useful to understand what you see as the
goal of key rotation here.  Do you plan on deleting older secret
subkeys?  if so, how will you recover backups that were encrypted to the
destroyed secrets?


Backups are done from a rented root server to a rented storage server in
"the cloud" and I want to lessen the impact of a potential compromise of
these keys. That is, if I have to restore certain files from a backup, and
the machine where the decryption happens might be compromised, I don't want
all backups to be compromised in a single step. 


But for backups, this is a slightly more complicated story.  It
certainly can be useful if you want to be able to robustly *destroy*
backups that might be stored on servers that you don't have full control
over.  That is: encrypt the backup to public key X, send the encrypted
copy to "the cloud", and then when you're sure you don't need it any
more, delete the secret key corresponding to X to ensure that it's not
recoverable.  But most people have a hard time just getting their
backups to happen on a reasonable schedule, and don't have a reliable
schedule for backup destruction.  Do you have such a plan?  Or do you
envision some other reason for the proposed key rotation?


The backup plan is in place and uses rotating backups, so older backups
expire anyway after some time.

Thanks for your detailed suggestions, I'll rethink my plans with them in
mind.

Regards, JC


--
 Doctorow's Law: Anytime someone puts a lock on something you own, against
 your wishes, and doesn't give you the key, they're not doing it for your
 benefit.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Configuration for offline usage - best practice tips?

2018-02-18 Thread Daniel Kahn Gillmor 
On Thu 2018-02-15 21:33:05 +0100, Juergen Christoffel wrote:

> I'm looking for best practice tips for offline usage of GnuPG. What Do I
> mean by offline usage? I plan to encrypt backups or files on my machines
> with GnuPG and generate weekly or monthly keys for that purpose so backups
> for example can run unattended and simply encrypt with today's public key.
> As the backups need to be compatible with my software only, I could
> possibly choose different configuration options than for my "online" usage.

GnuPG's defaults should be fine for the common, simple backup case.

However, i note that you're talking about "today's public key" -- that
suggests that you're imagining a regularly-updated key that your backup
tooling will know about.  This is in some sense antithetical to "offline
usage" -- how will the backup scripts learn about the new keys if they
can't go online to fetch them?

It sounds like you're proposing an OpenPGP primary key that has a series
of relatively short-lived, expiring encryption-capable subkeys.  Is that
correct?

For further clarity, it'd be useful to understand what you see as the
goal of key rotation here.  Do you plan on deleting older secret
subkeys?  if so, how will you recover backups that were encrypted to the
destroyed secrets?

In an e-mail or messaging context, you can decrypt messages as they
arrive, caching either the cleartext or the session keys; this allows
you to rotate the asymmetric keys, destroying the old asymmetric secrets
as they expire, which provides something approximating "forward
secrecy".  (see the recent improvements in version 0.26 of the notmuch
mail user agent as an example of first steps on the way to implementing
this strategy).

But for backups, this is a slightly more complicated story.  It
certainly can be useful if you want to be able to robustly *destroy*
backups that might be stored on servers that you don't have full control
over.  That is: encrypt the backup to public key X, send the encrypted
copy to "the cloud", and then when you're sure you don't need it any
more, delete the secret key corresponding to X to ensure that it's not
recoverable.  But most people have a hard time just getting their
backups to happen on a reasonable schedule, and don't have a reliable
schedule for backup destruction.  Do you have such a plan?  Or do you
envision some other reason for the proposed key rotation?

 --dkg


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Configuration for offline usage - best practice tips?

2018-02-16 Thread Werner Koch 
On Thu, 15 Feb 2018 21:33, jc.gnupg...@unser.net said:

> implementations and standards or strong encryption in general, I expect
> that a configuration for offline usage might be different from one for
> general purpose encrypted communication.

If you never want to use any online resource, you can simply uninstall
dirmngr.  All network access goes via this daemon.

For a case-by-case configuration you can add

  --disable-dirmngr

to the gpg or gpgsm invocation (or conf file).


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgptHCc5fxxM0.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users