I know where I keep mine, but I'm not sure I've been paranoid enough the past few years :-)
Where do you store your GPG keyring? Personal or business laptop? Home or other server? USB or other removable media? In the cloud? And more importantly, how did you decide where to keep your keyring? At the moment, I keep my keyring on my laptop (with a backup elsewhere). The machine itself has whole disk encryption, and then there's the login password, and then keyring passphrase. All the passwords (phrases) are of a more than usual length and complexity. I think I've got a pretty good handle on this, but I know some folks who keep their keyrings on USB drives (often encrypted), and only plug them in when needed. So, anyone want to share? Am I paranoid enough, or too much? I'm still deciding on my threat model, so I haven't made a serious decision about how I'm going to do this in the future. At the moment, I'm going with what's easy enough, but I may want to change that soon. --tep _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
