[lug] GPG on two systems

Michael J. Pedersen marvin at keepthetouch.org
Mon Oct 16 12:27:21 MDT 2000


On Mon, Oct 16, 2000 at 11:46:27AM -0600, Kyle Moore wrote:
> I've been looking at pgp at home and it works like a champ with mutt. So
> I want to start using it at work too. Should I just copy the whole
> directory over that contains my secret and public keys? I would assume I
> shouldn't generate new keys on my work box. Any guidance on using gpg on
> two different computers would be appreciated.

Well, there's going to be two possibilities, each with their own
(dis)advantages.

Copy everything to work. This leaves you open to sniffing by your workplace.
If you trust your workplace not to invade your PC for any reason, then this is
a good option. It lets people use the same key for different purposes. Keep in
mind, though, that some employers will scour your machine after you leave, to
see if you were doing anything. And they might not give you the chance to
clean it, leaving your keys vulnerable. Advantage, though: People only need
one key to check if it really is you.

Make new work keys, and do a cross-signing (ie: sign work key with home key,
home key with work key). Guarantees you the safety that copying to work does
not. Disadvantage: People need both keys, or need to be able to trust you
completely to act as introducer for your other key. Either, way, it's slightly
more difficult for them.

The end result? You have to decide which is worth more to you: Security for
your keys, or convenience for your keys. As you are looking at encryption and
signing in any fashion, you should most likely choose security.

-- 
Michael J. Pedersen
My GnuPG KeyID: 4E724A60        My Public Key Available At: wwwkeys.pgp.net
My GnuPG Key Fingerprint: C31C 7E90 5992 9E5E 9A02 233D D8DD 985E 4E72 4A60
GnuPG available at http://www.gnupg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20001016/ed6a3901/attachment.pgp>


More information about the LUG mailing list