I created a master key and three subkeys following instructions at [1]. I've backed up the secret keys using paperbackup with a modification to add the sequence count to the backed up data so as to identify any qr-codes that don't get decoded properly [2] and deleted the master secret key.
I then transferred the secret subkeys to a yubikey as per [3]. Finally I backed up .gnupg to github [4]. Then to restore the I clone the repo and change permissions to 700: $ git clone g...@github.com:winksaville/.gnupg ~/.gnupg $ chmod 700 ~/.gnupg And then insert the yubikey and get the card-status to retrieve the stub secret keys have gpg functional. $ gpg --card-status Comments on the security of what I'm doing? [1]: https://blog.eleven-labs.com/en/openpgp-almost-perfect-key-pair-part-1/ [2]: https://github.com/winksaville/paperbackup [3]: https://blog.eleven-labs.com/en/openpgp-secret-keys-yubikey-part-2/ [4]: https://github.com/winksaville/.gnupg _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
