l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2005 Jan 19 03:28

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] PGP question: Multiple Machines
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] PGP question: Multiple Machines

On Tue, 18 Jan 2005 08:57:17 -0800 (PST)
"Richard S. Crawford" <rscrawford@mossroot.com> wrote:

> I started playing with PGP over the weekend, and I'm having fun using
> KMail at home to sign my e-mail and encrypt documents and generally
> have a good time.
> But since I use at least three different computers to access and send
> e-mail and documents -- my FC3 desktop, my WinXP/FC3 laptop, and my
> Win2K desktop at work -- how would I address the issue of signing
> e-mails when my secret key is only on one of those three machines? 
> Would I use a different key?  I certainly don't feel comfortable
> copying the secret key from one computer to another, even over SSH,
> since that feels like defeating the purpose to me.
> ...Or am I missing something fundamental about how all this works?
> (Obviously, since this e-mail is sent via Squirrelmail from my desktop
> at work, it's not signed.)

I store my entire home directory in Subversion. (I'll be talking about
this at our Feb 21st meeting). I store my gpg secret key in the .hide
directory of my subversion repository, which I only ever check out by
ssh, and only to trusted computers (i.e. my desktop where the repository
lives, and my laptop when I know I won't be moving the laptop for a

In reality, I have configured my email such that when I want to
send an email, I ssh into my computer and use mutt there, and even when
I checked out my GPG key to my laptop, it's only there because it comes
along for the ride with the various other secret stuff in .hide (e.g.
the jpilot keyring database).

I'm not sure whether this is good security policy though.

--Ken Bloom

I usually have a GPG digital signature included as an attachment.
See http://www.gnupg.org/ for info about these digital signatures.

Attachment: pgp00008.pgp
Description: PGP signature

vox mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!