@Chris: That still leaves the problem of having to enter the passphrase for the key on the untrusted machine, which might have a keylogger, doesn't it?
On Wed, Jul 24, 2013 at 6:24 AM, Christopher J. Walters <cwal...@comcast.net > wrote: > On 7/23/2013 3:55 PM, Philipp Klaus Krause wrote: > >> Am 23.07.2013 21:04, schrieb Heinz Diehl: >> >>> On 23.07.2013, Philipp Klaus Krause wrote: >>> >>> Of course it is annoying to have to ask everyone to sign three keys - >>>> after all they are all my keys, and the people I ask to sign my key all >>>> get to see the same passport. Is there a better alternative? >>>> >>> >>> Create/use one key, and add all the different addresses. >>> >>> I do not consider my university computer safe enough to trust it with >>>> the private key for my private mail. >>>> >>> >>> In this case, why should anybody else trust in the integrity of your >>> identity? If you don't trust this machine, revoke the key and don't do >>> anything confidential on/with it. >>> >>> >>> >> That's not a practical solution. I want to be able to read encrypted >> mail sent to my university addresses on that machine. >> >> Philipp >> > > While it is generally considered good policy to use any cryptographic > software on a computer you do not trust, given your reason for wanting to > use GnuPG on the untrusted university computer, I have a suggestion. > > Make a Live GnuPG USB thumb drive - make sure that you set the default > path to be the USB drive, and not the HDD of the university computer. Thus > all of your keys would be on the USB drive and none on the untrusted > computer. If your private keys are already on the untrusted computer, then > I can only suggest revoking them and creating new ones on a trusted > computer - with the keyrings stored on the Live GnuPG USB drive. > > Regards, > Chris > > > ______________________________**_________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/**mailman/listinfo/gnupg-users<http://lists.gnupg.org/mailman/listinfo/gnupg-users> >
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users