On Wed, Jul 6, 2016 at 10:25 AM, Damien Goutte-Gattat <dgouttegat...@incenp.org> wrote:

>> Storing the master key offline and having to import it whenever I want
>> to sign other keys might actually decrease security, since it offers
>> enough of a possibility to mess things up
>
> True enough. In my case, I try to minimize the risk of human error by
> using a script which automatically brings the key online (from its offline
> USB storage), executes a single GnuPG command, then removes the key again.
>
> If you are interested, I've written a blog post [1] in which I give an
> example of such a script.

I would suggest the script key2dongle, which is part of egpg:

 - https://github.com/dashohoxha/egpg/wiki/gnupg-2.1-key2dongle
 - https://github.com/dashohoxha/egpg/blob/gnupg-2.1/src/ext/cmd_key2dongle.sh

It implements the symlink solution described at the end of Damien's blog post.

Dashamir
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users