On Sat, May 23, 2020 at 09:35:54PM -0700, Mark wrote:
> I'm sure this is a pretty stupid question

No, it’s not.


> I'm trying to figure out which files I need to backup to safeguard my keys.

I’m assuming you are using GnuPG 2.2 on Windows here (based on your User-Agent).

Everything that needs to be saved is in GnuPG’s home directory, which on Windows should be `C:\Documents and Settings\<username>\Application Data\gnupg`. In that folder you should save:

* the private keys (in the `private-keys-v1.d` subfolder);
* the public keys (the `pubring.kbx` file);
* the trust data (the `trustdb.gpg` file, plus the `tofu.db` file if you are using the TOFU trust model);
* any configuration file (`*.conf`);
* if you are using GpgSM, the `policies.txt` and `trustlist.txt` files.

For the private and public keys however, instead of saving the files directly I’d recommend exporting them from GnuPG:

% gpg -o private-keys.gpg --export-secret-keys
% gpg -o public-keys.gpg  --export

The rationale for doing so is that the exported files are in the standard OpenPGP format, from which you can re-import them without worrying about changes from one GnuPG version to another. To restore:

% gpg --import private-keys.gpg
% gpg --import public-keys.gpg

(You can also do that with a graphical interface, of course.)

Of note, there is also a much simpler option which could replace everything above: use the Sherpa tool [1], which does exactly what you need. It backs up a complete GnuPG profile into an archive and later allows you to restore it. Do mind the warning about Sherpa not being “ready for regular users”, though. For what it’s worth, I’ve used it a few times and never had any issues with it.

Hope that helps,

- Damien


[1] https://github.com/rjhansen/sherpa
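
As an added example (not part of the original message, and not GnuPG's or Sherpa's code), the file-level backup from the list above can be scripted and checked as follows. The function names and the tar archive layout are assumptions; it copies the listed files and does not run the `gpg --export` commands.

```shell
#!/bin/sh
# Added example: archive the files the message lists from a GnuPG home
# directory, then verify the archive against the current contents.

# Print, one per line, the paths (relative to the home dir) to save.
gnupg_backup_list() {
    home=$1
    (
        cd "$home" || exit 1
        # Unmatched globs stay literal and are skipped by the -f test.
        for f in private-keys-v1.d/* pubring.kbx trustdb.gpg tofu.db \
                 *.conf policies.txt trustlist.txt; do
            if [ -f "$f" ]; then printf '%s\n' "$f"; fi
        done
    )
}

# Write the listed files into a tar archive readable by the owner only.
gnupg_backup() {
    home=$1 archive=$2
    list=$(gnupg_backup_list "$home") || return 1
    if [ -z "$list" ]; then
        echo "nothing to back up in $home" >&2
        return 1
    fi
    (
        umask 077   # the archive contains private key material
        printf '%s\n' "$list" | tar -cf "$archive" -C "$home" -T -
    )
}

# Succeed only if the archive holds exactly the files that would be
# saved now (catches a stale or incomplete backup).
gnupg_backup_verify() {
    home=$1 archive=$2
    want=$(gnupg_backup_list "$home" | sort) || return 1
    have=$(tar -tf "$archive" | sort) || return 1
    [ "$want" = "$have" ]
}

# Usage: sh gnupg-backup.sh <gnupg-home> <archive.tar>
if [ "$#" -eq 2 ]; then
    gnupg_backup "$1" "$2" && gnupg_backup_verify "$1" "$2"
fi
```

The archive holds the private key files exactly as GnuPG stores them, so store it as carefully as the keys themselves.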


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
