I'm just getting started with GPG. I've created a key pair and now have several .gpg files:
drwx------ 2 jason jason 4096 Feb 11 21:10 ./
drwx------ 90 jason jason 45056 Feb 11 20:49 ../
-rw------- 1 jason jason 9398 Feb 11 20:49 gpg.conf
-rw-rw-r-- 1 jason jason 2316 Feb 11 21:10 mypk
-rw------- 1 jason jason 1633 Feb 11 20:52 pubring.gpg
-rw------- 1 jason jason 1633 Feb 11 20:52 pubring.gpg~
-rw------- 1 jason jason 600 Feb 11 20:52 random_seed
-rw------- 1 jason jason 1794 Feb 11 20:52 secring.gpg
-rw------- 1 jason jason 1280 Feb 11 20:52 trustdb.gpg
Am I correct to understand that secring.gpg is my private key? This file is protected by my passphrase, right? Is it ok to just keep this file on my machine? Should I move it somewhere more secure (say a thumb drive)?
Am I correct to understand that secring.gpg is my private key?
From man gpg:
~/.gnupg/secring.gpg
The secret keyring. You should backup this file.
This file is protected by my passphrase, right?
If you set one, yes. Actually, the file itself is not protected, but each key it contains can be (you can have multiple private keys in your secret keyring).
Is it ok to just keep this file on my machine? Should I move it somewhere more secure (say a thumb drive)?
This depends on your needs and trust in your machine.
--secret-keyring /path/to/secring.gpg whenever using gpg, or put it into your gpg.conf: secret-keyring /path/to/secring.gpg
.gpg
For putting your key on a separate device, think of using an OpenPGP card. Using one, your secret key will never leave that card (for signing and decrypting) but for backup purposes. Definitely increases nerd factor, too. ;)
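The answer's point that the passphrase protects each key inside secring.gpg rather than the file itself can be checked by reading the keyring's packets. The following is an added example, not part of the original question or answer: it walks the RFC 4880 packets and reports, for each secret key, whether the S2K usage octet is non-zero (0 means the secret material is stored unencrypted). The function names and the sample bytes are constructed for illustration.

```python
SECRET_TAGS = {5: "secret key", 7: "secret subkey"}   # RFC 4880 packet tags
PUBLIC_MPIS = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}        # MPI count: RSA, Elgamal, DSA

def read_packets(data):
    """Yield (tag, body) for each OpenPGP packet in a binary keyring."""
    pos = 0
    while pos < len(data):
        hdr = data[pos]
        pos += 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                                # new-format header
            tag, first = hdr & 0x3F, data[pos]
            pos += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + data[pos] + 192
                pos += 1
            elif first == 255:
                length = int.from_bytes(data[pos:pos + 4], "big")
                pos += 4
            else:
                raise ValueError("partial body lengths not handled")
        else:                                         # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            length = int.from_bytes(data[pos:pos + (1 << ltype)], "big")
            pos += 1 << ltype
        yield tag, data[pos:pos + length]
        pos += length

def protection_status(keyring):
    """Return [(kind, protected)] per v4 secret (sub)key; other algorithms are skipped."""
    out = []
    for tag, body in read_packets(keyring):
        if tag not in SECRET_TAGS or body[0] != 4 or body[5] not in PUBLIC_MPIS:
            continue
        pos = 6                                       # version + created + algo
        for _ in range(PUBLIC_MPIS[body[5]]):         # skip the public MPIs
            pos += 2 + (int.from_bytes(body[pos:pos + 2], "big") + 7) // 8
        out.append((SECRET_TAGS[tag], body[pos] != 0))  # S2K usage octet
    return out

# Constructed sample: two v4 RSA packets with toy numbers (n=0xC5, e=65537),
# tag 5 with S2K usage 0 and tag 7 with S2K usage 254. Not real key material.
SAMPLE = bytes.fromhex("94 17 04 00000000 01 0008c5 0011010001 00 0000000000000000"
                       "9c 17 04 00000000 01 0008c5 0011010001 fe 0000000000000000")
```

To inspect a real keyring, pass the bytes of ~/.gnupg/secring.gpg to protection_status. GnuPG 2.1 and later keep secret keys under private-keys-v1.d instead, so this applies to the older keyring file shown in the question.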