Mailing List Archive

Syncing GnuPG data between computers
I use different computers at different times, either my office computer
or one on-site provided by a customer.

I want to be able to propagate changes I make to GnuPG on one computer
to other computers I use, without resorting to duplicating the changes
manually.

I currently only manage one GnuPG identity, and its private key material
is stored on a smart card (Yubikey). So I think I'm only caring about
others' keys, trust relationships, and the like.

I do this kind of thing for several data types today, for example my
"dot" files. I use a 'master copy' scheme, where changes made on one
computer are "pushed" to the master copy, and other computers' copies
can be updated by "pulling" from the master copy.

A GnuPG example. If I import, verify, and sign some new keys, I'd
"push" from that computer and then later "pull" from a different
computer so I could use those new keys there.

The GnuPG configuration files are simple enough, but the database files
are another story I imagine.

My search-fu keeps suggesting using gpg import and export, like:

https://lists.gnupg.org/pipermail/gnupg-users/2011-May/041766.html.

Has anyone else done something like this? Any references or suggestions
are appreciated.

Thanks,
Steve

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Syncing GnuPG data between computers
* Steve McKown via Gnupg-users:

> I currently only manage one GnuPG identity, and its private key
> material is stored on a smart card (Yubikey). So I think I'm only
> caring about others' keys, trust relationships, and the like.

If you can limit yourself to modifying files on only one computer before
a "sync", I recommend using Git pull/push operations for your key rings,
trust-DB etc.

I have been using this method for a long time to sync macOS and Linux,
and it works fine for me. The PGP files are binary and therefore opaque,
but apparently platform-independent.

-Ralph

Re: Syncing GnuPG data between computers
On 12/31/19 16:46, Steve McKown via Gnupg-users wrote:
> I use different computers at different times, either my office computer
> or one on-site provided by a customer.
>
> I want to be able to propagate changes I make to GnuPG on one computer
> to other computers I use, without resorting to duplicating the changes
> manually.
>
> I currently only manage one GnuPG identity, and its private key material
> is stored on a smart card (Yubikey). So I think I'm only caring about
> others' keys, trust relationships, and the like.

Move your .gnupg to a thumb drive, symlink .gnupg to its mount point,
and move the thumb drive back and forth? You might have to fiddle with
permissions/ownership if your numeric uid is different on both of them,
or maybe use something like VFAT that doesn't track
ownership/permissions for better or worse.

This is what I did for my music and my music player's database; I have
not tried it with any other software including GnuPG.

--
Shawn K. Quinn <skquinn@rushpost.com>
http://www.rantroulette.com
http://www.skqrecordquest.com

Re: Syncing GnuPG data between computers
On Tue, 31 Dec 2019 15:46, Steve McKown said:

> The GnuPG configuration files are simple enough, but the database files
> are another story I imagine.

We have always used a platform independent on-disk format for all files.
Thus copying the files between different platforms is no problem at all.

> My search-fu keeps suggesting using gpg import and export, like:

Yes, that is the official way because the on-disk data format is not
standardized. Newer GnuPG versions may add new data items to the files
which might not be fully compatible with older GnuPG versions. If you
use the same GnuPG versions (e.g. 2.2.x) on all machines you won't run
into problems. We take great care not to break anything.


Shalom-Salam,

Werner


--
Thoughts are free. Exceptions are regulated by a federal law.
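
The export/import route discussed in this thread, combined with the "push"/"pull" master-copy scheme from the original question, as an added example that is not part of any poster's message. `SYNC_DIR`, the file names and the function names `gnupg_push` and `gnupg_pull` are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread. SYNC_DIR is an assumed location for the
# "master copy" (for instance a Git working tree or a mounted share).
SYNC_DIR="${SYNC_DIR:-$HOME/gnupg-sync}"

# Run on the machine where keys were imported, verified or signed.
gnupg_push() {
    mkdir -p "$SYNC_DIR" || return 1
    keys_tmp="$SYNC_DIR/pubkeys.asc.tmp"
    trust_tmp="$SYNC_DIR/ownertrust.txt.tmp"
    # Export to temporary files so a failed run never truncates the master copy.
    # Only public keys are exported; the private key stays on the smart card.
    # Note: local (non-exportable) signatures are left out of a default export.
    gpg --batch --armor --export > "$keys_tmp" || return 1
    gpg --batch --export-ownertrust > "$trust_tmp" || return 1
    # An empty export means an empty or unreadable keyring: keep the old copy.
    if [ ! -s "$keys_tmp" ]; then
        rm -f "$keys_tmp" "$trust_tmp"
        return 1
    fi
    mv "$keys_tmp" "$SYNC_DIR/pubkeys.asc" &&
        mv "$trust_tmp" "$SYNC_DIR/ownertrust.txt"
}

# Run on every other machine after fetching the master copy.
gnupg_pull() {
    [ -s "$SYNC_DIR/pubkeys.asc" ] || return 1
    # --import merges into the local keyring; keys already present are updated.
    gpg --batch --import "$SYNC_DIR/pubkeys.asc" || return 1
    # Ownertrust values in the file overwrite the local ones for the same keys.
    if [ -s "$SYNC_DIR/ownertrust.txt" ]; then
        gpg --batch --import-ownertrust "$SYNC_DIR/ownertrust.txt" || return 1
    fi
}
```

Because the exchange goes through the export format rather than the on-disk files, it does not depend on every machine running the same GnuPG version.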