Mailing List Archive

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Subba Rao, at 21:18 -0400 on Sun, 30 Jul 2000, wrote:

> Are there any good practices regarding the number of keys a user may
> have?

I'm not quite sure what you are asking here.

> Once the keys are generated, where do I keep the public key? Is there
> a public server for the GPG public keys?

Ordinary servers such as horowitz.surfnet.nl are fine. Look into the
'keyserver' option for GnuPG in the manpage.

- --
Frank Tobin http://www.uiuc.edu/~ftobin/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.2 (FreeBSD)
Comment: pgpenvelope 2.9.0 - http://pgpenvelope.sourceforge.net/

iEYEARECAAYFAjmE6ywACgkQVv/RCiYMT6NPEgCeMtcV861X6hn3rThUnHAlVDkr
iwUAn3GRyriVY8JB34Vc4ftjdM9VSLBr
=35rP
-----END PGP SIGNATURE-----

On Sun, 30 Jul 2000, Subba Rao wrote:

>
> I have installed GPG on 2 different machines. The different user accounts on these
> machines are identical. Very likely, I plan to have 2 sets of keys for each user account,
> one for each machine. Are there any good practices regarding the number of keys a user
> may have?
>

A lot of users have two, one at work and one private for instance. There
are no rules. But a different key for each machine seems a bit much. I'd
have to have dozens of keys. Help.

> Once the keys are generated, where do I keep the public key? Is there a public
> server for the GPG public keys?
>

There are public keyservers, like horowitz.surfnet.nl, pgpkeys.mit.edu,
wwwkeys.eu.pgp.net. If you look in ~/.gnupg/options, you will find a field
"keyserver." Just use one of these servers in that field and export your
keys.

> Thank you in advance.
> --
>
> Subba Rao
> subb3@attglobal.net
> http://pws.prserv.net/truemax/
>

Stefan



==========================================
Stefan Suurmeijer
Network Specialist
University of Groningen
tel: (+31) 50 363 3423
fax: (+31) 50 363 7272
E-mail (business): s.m.suurmeijer@let.rug.nl
E-mail (private): stefan@symbolica.nl
==========================================

Quis custodiet ipsos custodes? (Who'll watch the watchmen?) - Unknown

Quoting Stefan Suurmeijer <stefan@symbolica.nl>, who wrote:
> On Sun, 30 Jul 2000, Subba Rao wrote:
> > I have installed GPG on 2 different machines. The different user accounts on these
> > machines are identical. Very likely, I plan to have 2 sets of keys for each user account,
> > one for each machine. Are there any good practices regarding the number of keys a user
> > may have?
>
> A lot of users have two, one at work and one private for instance. There
> are no rules. But a different key for each machine seems a bit much. I'd
> have to have dozens of keys. Help.

I do this as well, but have some questions about good practice. Mail that gets sent to
my home address (sroberts) also arrives at my work address. However, if it's encrypted
I can't read it. So, I need to have my private key for sroberts at work, or do I?

How is this dealt with? It's seeming complicated enough that I might as well just have
one secret keyring, and just copy it to any machines that I read/send mail at/from.

Sam

--
Sam Roberts (sam@cogent.ca), Cogent Real-Time Systems (www.cogent.ca)

On Tue, 1 Aug 2000, Sam Roberts wrote:

> Quoting Stefan Suurmeijer <stefan@symbolica.nl>, who wrote:
> > On Sun, 30 Jul 2000, Subba Rao wrote:
> > > I have installed GPG on 2 different machines. The different user accounts on these
> > > machines are identical. Very likely, I plan to have 2 sets of keys for each user account,
> > > one for each machine. Are there any good practices regarding the number of keys a user
> > > may have?
> >
> > A lot of users have two, one at work and one private for instance. There
> > are no rules. But a different key for each machine seems a bit much. I'd
> > have to have dozens of keys. Help.
>
> I do this as well, but have some questions about good practice. Mail that gets sent to
> my home address (sroberts) also arrives at my work address. However, if it's encrypted
> I can't read it. So, I need to have my private key for sroberts at work, or do I?
>

Yes. If you want to decrypt mail for your private address at work or v.v.,
you need both keys. It's possible to transport your secret key to another
machine. Use gpg --export-secret-keys > filename. Then transport the file
you created by a safe means to your other machine. Mailing it encrypted to
your work address would work, or sftp if you have it. I wouldn't use ftp
etc, since that would send your private keys over the net for anyone to
catch.

> How is this dealt with? It's seeming complicated enough that I might as well just have
> one secret keyring, and just copy it to any machines that I read/send mail at/from.
>
> Sam

Yup. See above
>
> --
> Sam Roberts (sam@cogent.ca), Cogent Real-Time Systems (www.cogent.ca)
>

Stefan


==========================================
Stefan Suurmeijer
Network Specialist
University of Groningen
tel: (+31) 50 363 3423
fax: (+31) 50 363 7272
E-mail (business): s.m.suurmeijer@let.rug.nl
E-mail (private): stefan@symbolica.nl
==========================================

Quis custodiet ipsos custodes? (Who'll watch the watchmen?) - Unknown




--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org