Op di, 08-03-2005 te 14:58 +0000, schreef Ben Hill: > On Tue, 2005-03-08 at 00:46 +0100, David HÃrdeman wrote: > > first of all, this might be slightly off-topic for the debian-devel > > list, but I've got the impression that it's already been solved by some > > DD's and might prove interesting to others (including non-DD's such as > > me). > > I use a very small USB key for my gnupg and ssh keys. I had created > the .gnupg and .ssh directories in my home a long time ago, so I > formatted the USB device as ext2, and copied the two directories to the > USB device as ssh and gnupg. > > In my home directory I create a symlink for /media/usbkey/ssh -> ~/.ssh > and /media/usbkey/gnupg -> ~/.gnupg. > > So, when I stick the dongle into the USB slot, the drive is > automatically mounted, and the symlinks point to my real key > directories. > > When the key is out of the machine, my keys are safe offline.
This is also approximately how I manage this (or did, my key broke yesterday and I haven't got a new one yet). The only difference is that, rather than symlinking ~/.gnupg, I symlink ~/.gnupg/secring.gpg; that way, I can mount the USB key read-only, which allows me to safely remove it while still mounted; my trustdb and public keyring are synchronized in other ways. -- EARTH smog | bricks AIR -- mud -- FIRE soda water | tequila WATER -- with thanks to fortune