export GPG keys to multiple servers
I need to use Duplicity to backup server directories to Amazon S3.
Duplicity uses GnuPG to encrypt the data so that no one can read it. I followed this guide to create "The script". So, my task was to create 1 script to be deployed across my servers which would backup the directories. And should any server die, have the ability to SCP the public and private keys to that server so that restoration could occur automatically and backups could occur after restoration.

Here's what to do

1. Generate the private and public keys
Code:
gpg --gen-key

now create backups of your keys
Code:
gpg --output secret --export-secret-keys "Real name"

scp the secret and public keys to server2
Code:
# scp secret public root@server2:

Code:
# gpg --import secret public

gpg: There is no assurance this key belongs to the named user
Code:
server2# gpg --edit-key 12345678

If you have any questions or suggestions, please feel free to ask/post.
Is this a question or a howto? ;)
As an alternative to using the interactive session to establish trust, you can:
Code:
$ gpg --export-ownertrust |
Quote:
Thanks for that command though. I just started learning GPG last week. So, to clarify, on the server I created the GPG keys, say server1, I would issue the command
Code:
gpg --export-ownertrust "Real name" |
Code:
gpg --import-ownertrust
Code:
gpg --export-ownertrust | ssh server2 gpg --import-ownertrust

I hope this helps a lot of people who want/need to accomplish this task.
I'm not sure if you can specify real name in that fashion -- I have only exported / imported the entire trust db when I've used this. (But you can figure it out with a quick test.)
Anyway, yes - you have the gist of it.
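
Added example, not part of any post in this thread: `gpg --export-ownertrust` writes every ownertrust value in the keyring, so one way to carry only the backup key's trust to server2 is to filter the dump by fingerprint, or to build the single record by hand. The function names and sample fingerprints are constructed, and 40-hex (v4) fingerprints are assumed.

```shell
#!/bin/sh
# Constructed sample of `gpg --export-ownertrust` output: FINGERPRINT:LEVEL:
SAMPLE_DUMP='# List of assigned trustvalues (constructed sample)
# (Use "gpg --import-ownertrust" to restore them)
0123456789ABCDEF0123456789ABCDEF01234567:6:
89ABCDEF0123456789ABCDEF0123456789ABCDEF:5:
FEDCBA9876543210FEDCBA9876543210FEDCBA98:3:'

# filter_ownertrust FPR...: read an ownertrust dump on stdin and print only the
# records whose fingerprint was named (spaces and letter case are ignored).
filter_ownertrust() {
    wanted=$(printf '%s,' "$@" | tr -d ' ' | tr 'a-f' 'A-F')
    awk -F: -v wanted="$wanted" '
        BEGIN {
            n = split(wanted, w, ",")
            for (i = 1; i <= n; i++) if (w[i] != "") keep[w[i]] = 1
        }
        /^#/ { next }                              # header comments
        NF >= 2 && $2 ~ /^[0-9]+$/ && (toupper($1) in keep) {
            print toupper($1) ":" $2 ":"
        }
    '
}

# ownertrust_record FPR LEVEL: build one record without a dump.
# Levels: 2=undefined 3=never 4=marginal 5=full 6=ultimate.
# Returns 1 unless FPR is exactly 40 hex digits and LEVEL is 2..6.
ownertrust_record() {
    fpr=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    case $fpr in ''|*[!0-9A-F]*) return 1 ;; esac
    [ "${#fpr}" -eq 40 ] || return 1
    case $2 in
        [2-6]) printf '%s:%s:\n' "$fpr" "$2" ;;
        *) return 1 ;;
    esac
}

# Demo on the constructed dump; prints the single ultimate-trust record.
printf '%s\n' "$SAMPLE_DUMP" |
    filter_ownertrust 0123456789abcdef0123456789abcdef01234567

# Real use (not run here), with $FPR being the backup key's fingerprint:
#   gpg --export-ownertrust | filter_ownertrust "$FPR" | ssh server2 gpg --import-ownertrust
#   ownertrust_record "$FPR" 6 | ssh server2 gpg --import-ownertrust
```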