GPG keys and removable media

ME dugan at passwall.com
Thu Nov 14 15:17:03 PST 2002


In using ZIP/Floppy/USB keyring with MB of storage, there is still the
re-statement of what I included at the meeting:
"Like ssh, gpg is for *trusted* machines."

Some people have used the USB keyring and/or floppy/zip disks to use gpg
from labs or friends' machines. If the machine you are using is actually a
*trusted* machine, then this is perfectly fine. However, if you cannot
trust the machine, the admin, people who may have used the machine before
you, or that the machine is free of bacdoors and unauthorized access, then
the removable media should not be used on that machine.

Someone spoke before at DC about storing kets on a USB plug that can be
attached to a keyring (car key, house key, etc) real life key ring. Yes,
it is quite remarkable, and makes me smile, but it should still only be
used on trusted machines.


minnigerode said:
> You can also keep it on one of those USB ram disks.  Disk on key
> has 16,32, and 64 meg ones.  I've had a 32meg one
> for about 6 months. Don't use it much, but occasionally it's
> really nice to have around.  Typically you can just plug it
> in and if you have the automounter set up it'll be available.
>
> Also the compact flash - usb things work nicely too.
>
>
> dave
>
>
>
>
>
> On Thu, 2002-11-14 at 09:54, mkjanes at sonic.net wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Just a quick (in more ways than one) thought on keyrings and removable
>> media. At first I was advised to keep my GPG keys, especially my
>> private key, on a floppy disk. They have adequate room, but I found it
>> slowed GPG down a lot vs. having the keys on the hard drive. What I
>> did was use a Zip drive instead. Lots more room, though that's not
>> really an issue, but also much faster access time- indiscernable from
>> having it on the hard drive. And, when I'm done, the Zip disk lives in
>> a safe place until next time.
>>
>> Mark Janes
>> - --
>> _______________________________________________________________
>> gpg public key: http://www.sonic.net/~mkjanes/MyPublicKey.asc
>> Key Fingerprint = 671B C6D3 D973 4373 68C4 5544 091E 6FC4 142C 53F4
>> _______________________________________________________________
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.2.1 (GNU/Linux)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>
>> iD8DBQE90+NOCR5vxBQsU/QRAo3WAJ9pqazKylGX70QSp3723zxQQ41MLACfZI5n
>> yuJZrFoQ12VgNF61bljoePo=
>> =8Cvl
>> -----END PGP SIGNATURE-----
> --
> minnigerode <minniger at minnigerode.org>





More information about the talk mailing list