Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have been using GnuPG for a couple of weeks now in order to encrypt my personal files on my computer. I have subsequently been backing up those files to Spider Oak's online backup service. Encrypting and Decrypting work great while my computer is in good working order.
My Question is if my computer takes a dump and i have to wipe it or anything else of the sort, how am I to decrypt my backed-up encrypted files once i get them again? Is it possible to reinsert private keys into GnuPG for such a disaster? Also (last one i promise), do key servers only store your public keys, making me solely responsible for my private keys safety?
Click here to see the post LQ members have rated as the most helpful post in this thread.
Copy each of those files to media that you can keep somewhere safe. (IOW, especially do not keep the privkeys file in clear text out on the 'net somewhere.)
I'd add: your private keys (in this scenario) are just as important as your data backups, so treat them as such. Without the private keys, you - quite literally - have no data backups. I keep mine on a USB drive in a secure place.
Ok, I have done that and have backed them up to a separate non-volatile media. What I am concerned with now is that Im not sure if the above procedure backed up anything I have in Seahorse. I have several passwords in my keyring within seahorse and Id like to back those up as well. Does the procedure you mentioned only backup the keys directly created from gpg and nothing else?
Keep a safe copy of the file in which the keyring is stored. Know what master password is used to encrypt it. Know exactly what version of the software is used.
Public key encryption, as you know, involves the use of a pair of keys, one of which is generated based on the other (but not the other way around). Data which has been encrypted by one can only be decrypted by the other and vice-versa. This is the core concept around which the entire scheme is based.
I have several passwords in my keyring within seahorse and Id like to back those up as well. Does the procedure you mentioned only backup the keys directly created from gpg and nothing else?
Yes, that's correct. Unfortunately I am not very familiar with Seahorse. (Perhaps a new thread, with the question focused on Seahorse, and with the side note that you've already backed up GnuPG keys, would be a good idea.)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.