Atom Smasher wrote:
> in theory, if you're *really* using a strong pass-phrase, you can publish
> your private key in a public place and rest secure in the knowledge that
> no known technology can break your 100+ character pass-phrase... and if a
> hard drive or several go up in smoke you can recover a copy from google's
> cache ;)

A few thoughts on this:

- You could use the very long passphrase, upload the secret key
  somewhere and then change the passphrase back to a shorter one for
  daily use.

- Instead of doing this, you could just take your secring.gpg, encrypt
  it using "gpg --symmetric" with a really long passphrase and publish
  the result.

- You don't really have to publish the so-encrypted file. Just storing
  it at one place (or more than one) that is unlikely to fail at the
  same time as your local hard disk does will do, too. Think of your
  work PC, your webhoster's server, some other remote server or
  whatever. Having the thing in Google's cache is not necessary (there
  are no guarantees that this really is a persistent storage).

- To ensure the accessibility you might schedule a daily cronjob that
  does an MD5 calculation on the backup file and compares this against
  the known good value. Once things differ, you know that your backup
  is in danger. In fact, this is the thing that failed with Nicolas'
  backup strategy: The backup became corrupted without him noticing and
  thus he could not recover from the subsequent failure of the primary
  copy.

cu, Sven
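
The daily integrity check described in the last point above, as an added example that is not part of the original post. The function name `check_backup`, the return codes and the crontab path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: compare a stored backup file against a known-good MD5
# digest, as a job that cron can run once a day.
#
# Hypothetical crontab entry (path and digest are placeholders):
#   0 3 * * * /usr/local/bin/check-backup.sh /path/to/backup-file <known-good-md5>
#
# Return codes: 0 = intact, 1 = digest mismatch, 2 = file missing/unreadable.

check_backup() {
    file=$1
    # md5sum prints lowercase hex; accept an uppercase reference value too.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    # A backup that has disappeared is as bad as a corrupted one,
    # so report it instead of failing silently.
    if [ ! -r "$file" ]; then
        echo "backup check: $file is missing or unreadable" >&2
        return 2
    fi

    # md5sum prints "<digest>  <filename>"; keep only the digest.
    actual=$(md5sum "$file" | cut -d' ' -f1) || return 2

    if [ "$actual" != "$expected" ]; then
        echo "backup check: $file changed (expected $expected, got $actual)" >&2
        return 1
    fi
    return 0
}

# Run the check when called with a file and its known-good digest.
# cron mails any output of a job to its owner (where mail delivery is
# set up), so a failure produces a message and silence means "intact".
if [ "$#" -eq 2 ]; then
    check_backup "$1" "$2"
fi
```

Record the reference digest at the moment the backup is written and keep it somewhere other than next to the backup file. MD5 is adequate here because the check targets accidental corruption; `sha256sum` is a drop-in replacement for `md5sum` if deliberate tampering is also a concern.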