-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Gerd--
On Tue 2017-02-21 09:34:17 -0500, Gerd v. Egidy wrote: > I'd like to announce a program I wrote to backup GnuPG and SSH keys as > qrcodes on paper: > > paperbackup.py > https://github.com/intra2net/paperbackup > > This is designed as fallback if all your regular backups failed to restore or > were lost. > > Usage is like this: > > gpg2 --armor --export "User Name" >key.asc > gpg2 --armor --export-secret-key "User Name" >>key.asc > paperbackup.py key.asc > paperrestore.sh key.asc.pdf | diff key.asc - > lpr key.asc.pdf this is a cool idea. however, it seems like you might be backing up more than most people would need. For most folks, their OpenPGP certificates (public keys) are stored on the public keyservers. Or at least their friends have a copy of them :) Even if you want the whole certificate, you've duplicated most of the material here -- just the data produced by --export-secret-key should be sufficient to reconstruct everything. Probably, putting less data in your qrcode backup will make the backup more robust during recovery.. So for most folks, the critical backup that they need is likely to be only the secret key material itself, since the public key material and signatures and the like can all be retrieved from from the keyserver network or from friends. Are you aware of David Shaw's paperkey? http://www.jabberwocky.com/software/paperkey/ This produces significantly less data (still in text form, though), so it could be combined with your approach to have a nice big, robust, scannable recovery mechanism. thanks for publishing your work! --dkg -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOCdgUepHf6PklTkyFJitxsGSMjcFAlitEsgACgkQFJitxsGS MjfnZQ//ediyODKSSDEj3wEEobXd+27VTv3oOS6EpBUDxyse3ttMAb1q9EBgzJC/ DJAYC1vOqyYzQ7+7uLVAKShE2rMWDhTnxAbIYsbqRpxeS0vGsn5L3yWpiT+u5LkN sBXONHO5MxDH1kQDZ9+muFZWYUBTSKbJLLHN0R5uk1PqvVRXBMT3HDFusqeS0EBI W+lBKGGABBGk1P8/Sc1tOX9WbkA5aQxNhGq5Rq0E4FUrR7J6IlAKGDqjVmCHs1++ BzMVKqkfZm2++PQXpGyzCadkTL9oTK4+zMz3E6cvQtwlNWZBZLW1vPZPNwRWBekK VNbZEyIOuSSZTR/jmDyh7dNDAzsjjKF+1Gspu9uDFWVHUbz72hdUzmyRB0RG8DfN XfE8zscyJlmJfTccgRYzfuTNXU9QtnlwyThvYyrvZOQ/WMSxfYe+ST3neJOGGB7j UFnhj4DgfSNVbXT6mEOLWEos3S21YSN8hMiLkOqvyF7+Tnuq98hyEESAX0BRLAjw Jo1eLkkgdAaB5Ww08VoxrmArSS7dCpvyn1OpeuOvC0BZuKBKJI+93ZuWSAKDRdNr ouI355qDnOun7ut9cAl1fC0r6ws9qjeGNXTgQUHGAu43bs0A2rkhzaPg0DdHYvrQ ME3mdC45HOT+EYCysJj9DNueD9ZO/W235MPWTHOcD17uBi5iHr4= =DPyt -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
