| 1 |
Grant wrote: |
| 2 |
>>> Can I configure this so that I don't have the two keys on the same |
| 3 |
>>> system? I'd like encrypt with my remote system and decrypt with my |
| 4 |
>>> local system. Is that possible? It seems like importing my private |
| 5 |
>>> key also imports the public key. |
| 6 |
>> I'm a bit confused as to what you're trying to do. If you are encrypting |
| 7 |
>> mail to other people, you should be using *their* public key, not your own. |
| 8 |
>> The only case where you need your public key is to encrypt mail to |
| 9 |
>> *yourself*; otherwise you don't need either of your keys on the remote |
| 10 |
>> system. |
| 11 |
|
| 12 |
> Should I delete the private key from the remote system? It sounds |
| 13 |
> like the public key can always be regenerated from the private key so |
| 14 |
> there's no use in deleting it from the local system. |
| 15 |
|
| 16 |
Yes to both statements. Having your private key on the remote system is |
| 17 |
an unnecessary risk, since you don't need it to encrypt data and it's |
| 18 |
exposed to anyone else with access to that system. And, though I |
| 19 |
haven't done it, GnuPG's docs say that the public key can easily (one |
| 20 |
gpg command) be regenerated from the private key, so you may as well |
| 21 |
keep it around for convenience. |
| 22 |
|
| 23 |
--Mike |
Archives