federalhillrent at yahoo
Nov 25, 2009, 5:23 PM
Post #2 of 3
(612 views)
Permalink
|
Would you define ascii-armored
--- On Wed, 11/25/09, Brian O'Kennedy <brokenn [at] gmail> wrote:
From: Brian O'Kennedy <brokenn [at] gmail>
Subject: Fwd: Backup of private key
To: gnupg-users [at] gnupg
Date: Wednesday, November 25, 2009, 4:19 PM
So this implies that I could safely upload my ascii-armored private key to an email server without fear (assuming of course that my passphrase is secure and large). What symmetric encryption is typically used on the key itself? I'm assuming that this level of encryption is secure enough to not worry about it being broken?
Thanks for the tip and welcome :)
brian
2009/11/25 Robert J. Hansen <rjh [at] sixdemonbag>
Brian O'Kennedy wrote:
> This is a complete n00b question, but I still need to get an opinion on
> this.
We were all new once. :) Welcome to the list!
> All of these make sense to me, but aren't compatible with my ability to
> lose physical things. So, what would the risks be of me using
> symmetrical encryption with a long passphrase to encrypt my private key,
> and storing that in an online email account (gmail/yahoo/etc)? If we
> consider the symmetric encryption to be (practically) unbreakable, is
> this safe?
The good news is your private key is already encrypted with a symmetric
cipher. The passphrase you type to use your key is really the
passphrase needed to decrypt it.
If you are sure that no one will ever guess your passphrase, then you
could safely publish your private key in the _New York Times_. That
would be a really extreme case, but you could do it.
-----Inline Attachment Follows-----
_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users
|
