So this implies that I could safely upload my ascii-armored private key to an email server without fear (assuming of course that my passphrase is secure and large). What symmetric encryption is typically used on the key itself? I'm assuming that this level of encryption is secure enough to not worry about it being broken?
Thanks for the tip and welcome :) brian 2009/11/25 Robert J. Hansen <r...@sixdemonbag.org> Brian O'Kennedy wrote: > > This is a complete n00b question, but I still need to get an opinion on > > this. > > We were all new once. :) Welcome to the list! > > > All of these make sense to me, but aren't compatible with my ability to > > lose physical things. So, what would the risks be of me using > > symmetrical encryption with a long passphrase to encrypt my private key, > > and storing that in an online email account (gmail/yahoo/etc)? If we > > consider the symmetric encryption to be (practically) unbreakable, is > > this safe? > > The good news is your private key is already encrypted with a symmetric > cipher. The passphrase you type to use your key is really the > passphrase needed to decrypt it. > > If you are sure that no one will ever guess your passphrase, then you > could safely publish your private key in the _New York Times_. That > would be a really extreme case, but you could do it. >
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
