Good Afternoon All, I would like to put together a full workflow for creating and using GPG. Having read a few articles about using air-gapped systems and Smartcards, I'm almost there.
I currently have a setup where the master key is on a USB key, which is only inserted into an air-gapped system when required. Day-to-day subkeys are stored on a Yubikey for regular use. This works. But, using an air-gapped system to sign keys that you trust seems rather unwieldy, particularly when you include in the process the need to copy the public keys to media accessible by the air-gapped system. Could a second smartcard be used to generate and store the master key, instead? What do others do? Thanks for your input, A.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
