I think that could be addressed if all those files and directories are stored within an encrypted archive (whatever your favorite is)
On 5/24/2020 7:05 AM, Felix Finch wrote: > On 20200524, Damien Goutte-Gattat via Gnupg-users wrote: >> On Sat, May 23, 2020 at 09:35:54PM -0700, Mark wrote: >>> I'm trying to figure out which files I need to backup to safeguard >>> my keys. >> >> Everything that needs to be saved is in GnuPG’s home directory, which >> on Windows should be `C:\Documents and >> Settings\<username>\Application Data\gnupg`. In that folder you >> should save: >> >> * the private keys (in the `private-keys-v1.d` subfolder; >> * the public keys (the `pubring.kbx` file); >> * the trust data (the `trustdb.gpg` file, plus the `tofu.db` file of >> you are using the TOFU trust model); >> * any configuration file (`*.conf`); >> * if you are using GpgSM, the `policies.txt` and `trustlist.txt` files. > > Out of curiosity ... how safe are these files as is, assuming the > private key file has a good strong passphrase? If they are backed up > on a USB stick which gets lost and found by someone else, or stolen, > how much damage can be done? How hard is it to crack a good > passphrase? I realize that's kind of a loose question, and "strong > passphrase" doesn't help. > _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
