On 2024-03-31 22:23:10, Arto Jantunen wrote:
> Didier 'OdyX' Raboud <o...@debian.org> writes:
>
> > On Sunday, 31 March 2024, 14.37:08 h CEST, Pierre-Elliott Bécue wrote:
> >> I would object against creating a PGP key on the HSM itself. Not having
> >> the proper control on the key is room for disaster as soon as you lose
> >> it or it dies.
> >
> > For subkeys, isn't that a benefit rather than a disadvantage?
> >
> > You lose the key, or it gets destroyed / unusable; good, you get a new
> > subkey instead of reusing the existing one on a different HSM.
>
> For the authentication and signing subkeys this is indeed true. For the
> encryption subkey significantly less so (as things encrypted against
> that key then become impossible to decrypt).
>
> Personally I have generated the signing and authentication subkeys on
> the HSM itself (and thus at least in theory they cannot leave the HSM),
> and the encryption subkey I have generated on an airgapped system and
> stored on the HSM after making a couple of backups.

I am really confused now on how all this works. How can you generate
parts of a key (i.e. subkeys) on the HSM (well, yubikey), and the other
parts locally?

Looking forward to having up-to-date documentation once the dust
settles. I have enough yubikeys which are only used for 2FA.

(Well, and I'd need an airgapped, separate system, which I don't have)

thanks,
iustin