On 7/23/2013 8:29 PM, Martin wrote:
@Chris: That still leaves the problem of having to enter the passphrase for the
key on the untrusted machine, which might have a keylogger, doesn't it?
Martin,
It does, which is why I prefaced my suggestion with a warning against using an
untrusted computer. However, a keylogger alone, would not be enough to
compromise a key on a Live USB drive. That would give an attacker a passphrase
without a secret key. The attacker would need to find and copy the keyring
files from the USB drive.
That could be defeated by using a Live CD/DVD of an arguably more secure
kernel/OS, such as GNU/Linux or *BSD with the USB drive for storing the
keyrings. That way, so long as you trust the Live CD/DVD distribution, what is
on the untrusted computer's HDD would not matter.
Chris
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
