On 6/1/2017 9:30 AM, Dave Jones wrote:
Where should I put the private key then? If you are going to personally see Greg, then it may make more sense for you to generate it offline so the private key is not checked into SVN or emailed from me to you.
Sorry, I wasn't clear. In my head, I had been thinking about giving him just the passphrase out of band.

If you generate a key pair with a ridiculously strong passphrase which you can relay over the phone, we can then email the private, passphrase protected key pair to Greg. I'll follow-up with the passphrase in person. Then once you and I confirm we have the private key off the server and safely onto our own network, we are safe enough I believe.

Then we should only need the public key in our key rings to encrypt it to that sysadmins@ account.

This matched what Greg discussed a week or 3 ago.

Regards,
KAM

Reply via email to