1 |
Create 2 couple of key. |
2 |
one for remote, other for local. |
3 |
|
4 |
Il giorno mar, 09/09/2008 alle 10.24 -0700, Grant ha scritto: |
5 |
|
6 |
> >> It looks like I've imported a pub/sec keypair now. Should I remove |
7 |
> >> the public key for security? Maybe I misunderstood from the beginning |
8 |
> >> and having both keys on the same system isn't a security issue? |
9 |
> >> |
10 |
> >> - Grant |
11 |
> >> |
12 |
> > |
13 |
> > It is still a security issue, but only as much as any other data on your |
14 |
> > machine. Physical access to the box, or being remotely hacked will |
15 |
> > always be a security risk. |
16 |
> > |
17 |
> > And yes, if someone does break in and copy your pub/sec keypair, they |
18 |
> > will have full ability to masquerade as you in signed and encrypted emails. |
19 |
> > |
20 |
> > You have to weigh it up for yourself really. Many, many keep pub/sec |
21 |
> > keypairs for their email on more than one machine. Of course it would be |
22 |
> > a lot of work for someone to compromise your system for your gpg keys, |
23 |
> > so your email would have to be of value to them. |
24 |
> |
25 |
> Can I configure this so that I don't have the two keys on the same |
26 |
> system? I'd like encrypt with my remote system and decrypt with my |
27 |
> local system. Is that possible? It seems like importing my private |
28 |
> key also imports the public key. |
29 |
> |
30 |
> - Grant |
31 |
> |