Re: private-key backup

for this? > > Do you mean backups? > If so, having at least two backup copies of your private key is good > practice: > - A copy on mass storage. > - A copy printed on paper (ASCII armoured) [1] > > Those two copies should be stored in different places to minimise > ri

Re: private-key backup

Hello Byunghee, Il 17 febbraio 2024 alle 14:52 Byunghee HWANG ha scritto: > I have a question. Where is the safest place to store the private-key? > Are there any best practices for this? Do you mean backups? If so, having at least two backup copies of your private key is good practice: -

private-key backup

Hellow, this is my first time greeting you. I'm using GnuPG under Gnome desktop in Debian Sid. I have a question. Where is the safest place to store the private-key? Are there any best practices for this? Thanks in advance! Sincerely, Byunghee from South Korea signature.asc Description: Thi

Re: Backup of GPG private keys?

On Sun, 30 Jan 2022 04:25, Ángel said: > Could you elaborate? I am surely missing something. Unfortunately I can't tell you any details because the paper has not yet been published. The attack is not easy to mount but it is not entirely academic. It affects the standard for sending private keys

Re: Backup of GPG private keys?

On 2022-01-28 at 08:18 +0100, Werner Koch wrote: > The problem here is that the public parts of the encrypted private > parts are not authenticated and by modifying the public parts and > tricking the user to import such a modified backup, information about > the secret key can be reve

Re: Backup of GPG private keys?

hat the exported keys in the backup have not been modified. The problem here is that the public parts of the encrypted private parts are not authenticated and by modifying the public parts and tricking the user to import such a modified backup, information about the secret key can be revealed.

Re: Backup of GPG private keys?

* 2022-01-26 08:15:30+, Mogens Jensen via Gnupg-users wrote: > As of GnuPG (LTS) version 2.2.33, what is the recommended way to backup > your GPG private keys on a Linux system? > > 1. Backing up the entire ~./gnupg directory? Yes. Just normal backup is good and often enough. Ju

Re: Announcing paperbackup.py to backup keys as QR codes on paper

p > paperbackup.py. > > My goal was to be able to print out a paper encrypted backup of a strong > key that I can use to encrypt data or other keys. I tried the Windows > Paperbackup from OllyDbg but it is older, on Windows (I'm on Linux atm) and > was having a hard ti

Re: Announcing paperbackup.py to backup keys as QR codes on paper

Stefan Claas wrote: > Hi, > > while I can't help you with your issue, I like to suggest to take a look > at Fraunhofer SIT's modern JAB-Code, which compiles nicely under Linux, > Windows and macOS. It has also the advantage that it can carry much more > data than QR code. The color barcode withst

Re: Announcing paperbackup.py to backup keys as QR codes on paper

On Mon, 2020-09-14 at 08:16 -0400, bexnews--- via Gnupg-users wrote: > import qrencode > ImportError: No module named qrencode You may need something like the python3-qrencode package. Regards, K. -- ~~~ Karl Auer (ka...@bi

Re: Announcing paperbackup.py to backup keys as QR codes on paper

Hello Friends, > > > > Ok I am no coder so I am trying to bungle my way thru setting up > > paperbackup.py. > > > > My goal was to be able to print out a paper encrypted backup of a strong key > > that I can use to encrypt data or other keys. I tried the Windo

Re: Announcing paperbackup.py to backup keys as QR codes on paper

gt; paperbackup.py. > > My goal was to be able to print out a paper encrypted backup of a strong > key that I can use to encrypt data or other keys. I tried the Windows > Paperbackup from OllyDbg but it is older, on Windows (I'm on Linux atm) and > was having a hard time getting

Re: Announcing paperbackup.py to backup keys as QR codes on paper

rs ಬರೆದರು: > Hello Friends, > > Ok I am no coder so I am trying to bungle my way thru setting up > paperbackup.py. > > My goal was to be able to print out a paper encrypted backup of a strong key > that I can use to encrypt data or other keys. I tried the Windows Paperbackup >

Announcing paperbackup.py to backup keys as QR codes on paper

Hello Friends, Ok I am no coder so I am trying to bungle my way thru setting up paperbackup.py. My goal was to be able to print out a paper encrypted backup of a strong key that I can use to encrypt data or other keys. I tried the Windows Paperbackup from OllyDbg but it is older, on Windows (I&#

Re: Backup of Keys

If someone does not want to remember a passphrase then it goes to something they have. Either some sort of key digital or "analog" or biometric.   Granted changing that is more limited but some get creative, 10 fingers and 10 toes to choose from. I don't think there is any perfect system.  Passwor

Re: Backup of Keys

I'd like to see it updated. I think it would be useful utility to have. On 5/25/2020 2:49 PM, Robert J. Hansen wrote: >> Having only heard of it just now, I was surprised it's not included in >> Debian, >> until I saw the word of caution and lack of commit history. > The word of caution is becaus

Re: Backup of Keys

> Having only heard of it just now, I was surprised it's not included in > Debian, > until I saw the word of caution and lack of commit history. The word of caution is because I'm not actively maintaining it: the lack of commit history is because it's literally a project I threw together over a

Re: Backup of Keys

ough. If there's interest in other > > formats, I'll see about updating it. > > Having only heard of it just now, I was surprised it's not included > in Debian, until I saw the word of caution and lack of commit history. > > Whether in Sherpa or GnuPG directly I

Re: Backup of Keys

ll see about updating it. Having only heard of it just now, I was surprised it's not included in Debian, until I saw the word of caution and lack of commit history. Whether in Sherpa or GnuPG directly I would be grateful for a more semantic way to make a backup. In fact I think this

Re: Backup of Keys

On Mon, 2020-05-25 at 09:36 +0200, Peter Lebbing wrote: > On 24/05/2020 21:39, Mark wrote: > > I know there are other options maybe even some that use > > biometrics to decrypt the database. > > I am very wary of biometrics for authentication purposes. There are so > many examples where the vendor

Re: Backup of Keys

On 24/05/2020 21:39, Mark wrote: > I know there are other options maybe even some that use > biometrics to decrypt the database. I am very wary of biometrics for authentication purposes. There are so many examples where the vendor assured us it was working really well, and researchers easily crack

Re: Backup of Keys

I forgot to mention there are 2 files in that gnupg directory that I'm not sure the purpose of. I know private keys are stored in a directory called private-keys-v1.d and public keys are stored in pubring.kbx. I do have a file called PAPubring.gpg and PAsecring.gpg. They are only 111 and 113 bytes

Re: Backup of Keys

Sorry misspoke.. I should've said put those files you listed in an encrypted archive. I will grab Sherpa later and see how it works. Thanks On 5/24/2020 12:57 PM, Robert J. Hansen wrote: >> I was thinking along the lines of backing up that entire directory into >> an encrypted 7z file and then j

Re: Backup of Keys

> I was thinking along the lines of backing up that entire directory into > an encrypted 7z file and then just having to remember the password to > that archive. I know there are other options maybe even some that use > biometrics to decrypt the database. Don't. GnuPG puts things in that director

Re: Backup of Keys

On 24/05/2020 19:11, Mark wrote: >> I think if all the important files are stored in an encrypted >> container, they should be pretty secure. > Just watch out for the catch-22 of "I lost my hard drive, let me restore > from that encrypted container. Hmmm, my only backup of my

Re: Backup of Keys

Good point, unless you can use some other passwordless authentication. On 5/24/2020 10:44 AM, Felix Finch wrote: > On 20200524, Mark wrote: >> I think that could be addressed if all those files and directories are >> stored within an encrypted archive (whatever your favorite is) > > Yes, but then

Re: Backup of Keys

On 20200524, Mark wrote: I think that could be addressed if all those files and directories are stored within an encrypted archive (whatever your favorite is) Yes, but then that needs a passphrase, and so on. I'm trying to cut back on how many I have to remember. -- ... _._. ._ ._

Re: Backup of Keys

will have the passphrase that was set when the backup was _made_. Changing the passphrase on your computer will not change the passphrase in any older backups. But there is more data in your GnuPG homedir that is not encrypted but is privacy-sensitive. If you ever assign someone ownertrust, that will

Re: Backup of Keys

On 24/05/2020 19:11, Mark wrote: > I think if all the important files are stored in an encrypted > container, they should be pretty secure. Just watch out for the catch-22 of "I lost my hard drive, let me restore from that encrypted container. Hmmm, my only backup of my private key

Re: Backup of Keys

ark wrote: >>> I'm trying to figure out which files I need to backup to safeguard >>> my keys. >> >> Everything that needs to be saved is in GnuPG’s home directory, which >> on Windows should be `C:\Documents and >> Settings\\Application Data\gnupg`. In that

Re: Backup of Keys

0 16:05, Felix Finch wrote: >> Out of curiosity ... how safe are these files as is, assuming the >> private key file has a good strong passphrase? > The safety of the private key purely depends on the strength of the > passphrase. Note that backups will have the passphrase th

Re: Backup of Keys

> I have yet to try it but it sounds like a good idea. Does it run under > Windows 10? Let's see what I wrote: >> The Windows MSI installer should still work, though. Knock yourself out. https://github.com/rjhansen/sherpa/releases/download/0.4.0/sherpa-0.4.0.msi ___

Re: Backup of Keys

Thanks for all the tips on which files to backup and how to export to for use in other apps (which is another thing I want to do later). MANY years ago (mid 90s) I created some PGP keys with the old Norton PGP program I was beta testing... Unfortunately those private keys are long lost (several

Re: Backup of Keys

I have yet to try it but it sounds like a good idea. Does it run under Windows 10? On 5/24/2020 9:18 AM, Robert J. Hansen wrote: >> But using Sherpa is probably a good bet. > Good Lord, it's been a while since I wrote that. The Windows MSI > installer should still work, though. If there's intere

Re: Backup of Keys

On 24/05/2020 18:03, Peter Lebbing wrote: >> % gpg -o public-keys.gpg --export Oh! That is perhaps not good enough :-). You need $ gpg --export-options export-local-sigs -o public-keys.gpg --export so you don't lose any non-exportable signatures. There's also --export-optio

Re: Backup of Keys

> But using Sherpa is probably a good bet. Good Lord, it's been a while since I wrote that. The Windows MSI installer should still work, though. If there's interest in other formats, I'll see about updating it. signature.asc Description: OpenPGP digital signature

Re: Backup of Keys

as set when the backup was _made_. Changing the passphrase on your computer will not change the passphrase in any older backups. But there is more data in your GnuPG homedir that is not encrypted but is privacy-sensitive. If you ever assign someone ownertrust, that will be reflected there. It ind

Re: Backup of Keys

On 24/05/2020 14:52, Damien Goutte-Gattat via Gnupg-users wrote: > No, it’s not. Absolutely not ;-) > For the private and public keys however, instead of saving the files > directly I’d recommend exporting them from GnuPG: > > % gpg -o private-keys.gpg --export-secret-keys > % gpg -o public-keys

Re: Backup of Keys

On 20200524, Damien Goutte-Gattat via Gnupg-users wrote: On Sat, May 23, 2020 at 09:35:54PM -0700, Mark wrote: I'm trying to figure out which files I need to backup to safeguard my keys. Everything that needs to be saved is in GnuPG’s home directory, which on Windows should be `C:\Docu

Re: Backup of Keys

On Sat, May 23, 2020 at 09:35:54PM -0700, Mark wrote: I'm sure this is a pretty stupid question No, it’s not. I'm trying to figure out which files I need to backup to safeguard my keys. I’m assuming you are using GnuPG 2.2 on Windows here (based on your User-Agent). Every

Backup of Keys

I'm sure this is a pretty stupid question but I'm trying to figure out which files I need to backup to safeguard my keys. All the docs I have seen so far are for the older versions of GNUPG before it changed the format of the keys.   Anyway what files (and/or folders) should I be backi

Re: Restoring keyring from backup fails

eyring. I think the problem is > > that the step > >> Replace the content of the .gnupg folder with my backup. > > meant keeping everything in .gnupg, overwriting files that were present > > in the system. Thus, I presume: > > * Before moving over the keys he ran gpg

Re: Restoring keyring from backup fails

xplain things. The fix is pretty easy, though. Check your versions > and let us know what's up. :) GnuPG 2.2 is able to work with an old keyring. I think the problem is that the step > Replace the content of the .gnupg folder with my backup. meant keeping everything in .gnupg, over

Re: Restoring keyring from backup fails

> Any ideas what might be the cause, or how I can find out what's wrong? GnuPG 2.2 changed the way it stores public and private keys. If your old installation was GnuPG 2.0 and the new one is 2.2, that might explain things. The fix is pretty easy, though. Check your versions and let us know wha

Restoring keyring from backup fails

Dear list, I'm trying to restore my full gpg keyring from a backup of my .gnupg folder, but no method I have tried seems to work. What I tried: Create a backup of the entire .gnupg folder on the old system. On the new system, gpg was already installed. Replace the content of the .gnupg f

Re: encrypt linux backup folder using gpg

On Wed, Nov 07, 2018 at 08:56:53AM +0530, Kaushal Shriyan wrote: > Thanks Francesco for the email. I have encrypted the file using my gpg key. > How > do i share the encrypted helloworld.gpg file to the recipients. For example > j...@example.com. Do I need to encrypt the file to the recipients id

Re: encrypt linux backup folder using gpg

On Tue, 6 Nov 2018 06:55, kaushalshri...@gmail.com said: > I am using CentOS 7.5 Linux OS in my setup. I have compressed a folder > using tar utility tar czvf backupfolder.tar.gz backupfolder. Is there a way > to encrypt backupfolder.tar.gz using gpg? Are there any best practices to Sure: tar

Re: encrypt linux backup folder using gpg

Hi Francesco, Thanks Francesco for the email. I have encrypted the file using my gpg key. How do i share the encrypted helloworld.gpg file to the recipients. For example j...@example.com. Do I need to encrypt the file to the recipients id using gpg pub key? Any examples to understand it better. P

Re: encrypt linux backup folder using gpg

On Wed, Nov 07, 2018 at 08:10:48AM +0530, Kaushal Shriyan wrote: > Hi Francesco, > > Whom do i need to contact to correct the examples provided in manual page? I opened a bug in Debian yesterday (after replying to you), albeit with no patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=

Re: encrypt linux backup folder using gpg

Hi Francesco, Whom do i need to contact to correct the examples provided in manual page? GPG-ZIP(1) >GNU Privacy Guard > GPG-ZIP(1) > NAME >gpg-zip - Encrypt or sign files into an archive > SYNOPSIS >gpg-zip [options] filename1 [

Re: encrypt linux backup folder using gpg

On Tue, Nov 6, 2018 at 7:12 PM Francesco Ariis wrote: > On Tue, Nov 06, 2018 at 05:32:40PM +0530, Kaushal Shriyan wrote: > > [centos]# ls helloworld/ > > check_cpu_perf.sh check_mem.pl jdk-8u162-linux-x64.rpm > > [centos]# gpg-zip --encrypt --output hellogpg --gpg-args -r kaushal > > Ah, the e

Re: encrypt linux backup folder using gpg

On Tue, Nov 06, 2018 at 05:32:40PM +0530, Kaushal Shriyan wrote: > [centos]# ls helloworld/ > check_cpu_perf.sh check_mem.pl jdk-8u162-linux-x64.rpm > [centos]# gpg-zip --encrypt --output hellogpg --gpg-args -r kaushal Ah, the example in the manual is wrong. This should work gpg-zip --encr

Re: encrypt linux backup folder using gpg

Hi Francesco, Thanks for the reply. I did the below [centos]# ls helloworld/ check_cpu_perf.sh check_mem.pl jdk-8u162-linux-x64.rpm [centos]# gpg-zip --encrypt --output hellogpg --gpg-args -r kaushal helloworld /usr/bin/tar: kaushal: Cannot stat: No such file or directory gpg: missing argument

Re: encrypt linux backup folder using gpg

On 06.11.2018 10:42, Francesco Ariis wrote: > Hello Kaushal, > > On Tue, Nov 06, 2018 at 11:25:47AM +0530, Kaushal Shriyan wrote: >> I am using CentOS 7.5 Linux OS in my setup. I have compressed a folder >> using tar utility tar czvf backupfolder.tar.gz backupfolder. Is there a way >> to encrypt b

Re: encrypt linux backup folder using gpg

Hello Kaushal, On Tue, Nov 06, 2018 at 11:25:47AM +0530, Kaushal Shriyan wrote: > I am using CentOS 7.5 Linux OS in my setup. I have compressed a folder > using tar utility tar czvf backupfolder.tar.gz backupfolder. Is there a way > to encrypt backupfolder.tar.gz using gpg? Are there any best prac

encrypt linux backup folder using gpg

Hi, I am using CentOS 7.5 Linux OS in my setup. I have compressed a folder using tar utility tar czvf backupfolder.tar.gz backupfolder. Is there a way to encrypt backupfolder.tar.gz using gpg? Are there any best practices to use gpg application to encrypt the data. Any help will be highly apprecia

Re: Encrypting 27 TB RMAN Backup with GPG

On 22.10.2018, Satendra Tiwari wrote: > In this case, we want to use GPG to encrypt Oracle backup. We have two > databases of 17 TB and 7 TB they compress to 2.6 TB and 1.3 TB > respectively. > What would be the best way to encrypt our backup and how long would it take? I would c

Encrypting 27 TB RMAN Backup with GPG

Dear users, We want to ship our on-premise Oracle backup to AWS to be upload to AWS S3. Since, AWS Snowball is not available in our country and our internet link is a shared connection, we are limited to send this data in physical drive to AWS DC. Also, we dont have Oracle's ASO licen

Re: Paper backup of all keys

Linux ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Backup .gnupg using git

On Sun, Apr 22, 2018 at 1:27 PM, Damien Goutte-Gattat wrote: > On 04/21/2018 05:32 PM, Wink Saville wrote: >> >> Comments on the security of what I'm doing? > > > Can't really tell anything without knowing your adversary (is it Mossad or > not-Mossad? [1]), but here are a few remarks. Not-Mossad,

Re: Backup .gnupg using git

On 04/21/2018 05:32 PM, Wink Saville wrote: Comments on the security of what I'm doing? Can't really tell anything without knowing your adversary (is it Mossad or not-Mossad? [1]), but here are a few remarks. You do not say which version of GnuPG you are using. Assuming you are using the la

Backup .gnupg using git

I created a master key and three subkeys following instructions at [1]. I've backed up the secret keys using paperbackup with a modification to add the sequence count to the backed up data so as to identify any qr-codes that don't get decoded properly [2] and deleted the master secret key. I then

Hacking off-card backup to be on-disk key (was: Importing an off-card backup of the encryption key of a Nitrokey fails with "no user ID")

ted: 2017-10-31 expires: 2017-11-07 usage: A card-no: 0005 106E ssb rsa2048/93104C8F5B4A4714 created: 2017-10-31 expires: 2017-11-07 usage: E card-no: 0005 106E --8<---cut here---end--->8--- We start with damage control. Alwa

Re: Importing an off-card backup of the encryption key of a Nitrokey fails with "no user ID"

Hi Peter, looking for difficult workarounds :-). If I'm wrong about that, just say so and I'll give an example. I'll whip out a blank OpenPGP card, create a test key and do it, posting the results on the list. I was hoping for something simple and I think eventually this should be simple; nev

Re: Importing an off-card backup of the encryption key of a Nitrokey fails with "no user ID"

On 25/10/17 16:15, Ralf wrote: > I was hoping for a simpler workaround to make GnuPG import the key. There is a pretty difficult workaround, using gpgsplit and standard Linux command-line tools. However, I get the sense you're not really looking for difficult workarounds :-). If I'm wrong about th

Re: Importing an off-card backup of the encryption key of a Nitrokey fails with "no user ID"

e key cannot leave the device" argument. So I wondered about the backup option, read up on it (because I am not very knowledgable of using GnuPG yet). I thought it makes sense to have a backup only of the encryption key and live with the risk of losing the signing / authorization key. Not su

Re: Importing an off-card backup of the encryption key of a Nitrokey fails with "no user ID"

There is no tool yet to do this. Let's track this at https://dev.gnupg.org/T3466 thanks, good to know I wasn't missing something obvious here. An option for "--import" sounds great, that was what I was looking for intuitively, something that would allow me to specify the user id / the hash o

Re: Importing an off-card backup of the encryption key of a Nitrokey fails with "no user ID"

Hello, Ralf wrote: > I generated keys on a Nitrokey and have chosen the option to make an > off-card backup of the encryption key: > > gpg: NOTE: backup of card key saved to > `/home/archi/.gnupg/sk_26D728A8F09033F1.gpg' If you want to know the detail, this means that t

Re: Importing an off-card backup of the encryption key of a Nitrokey fails with "no user ID"

On Tue, 24 Oct 2017 21:23, sourcel...@mailbox.org said: > but I had hoped that it is possible to use the backup key without a > card. Any hints here, is this possible? There is no tool yet to do this. Let's track this at https://dev.gnupg.org/T3466 Salam-Shalom, Werner -- D

Importing an off-card backup of the encryption key of a Nitrokey fails with "no user ID"

Hi, I generated keys on a Nitrokey and have chosen the option to make an off-card backup of the encryption key: gpg: NOTE: backup of card key saved to `/home/archi/.gnupg/sk_26D728A8F09033F1.gpg' as described in: https://gnupg.org/howtos/card-howto/en/smartcard-howto-single.html#id25

Importing an off-card backup of the encryption key of a Nitrokey fails with "no user ID"

Hi, I generated keys on a Nitrokey and have chosen the option to make an off-card backup of the encryption key: gpg: NOTE: backup of card key saved to `/home/archi/.gnupg/sk_26D728A8F09033F1.gpg' as described in: https://gnupg.org/howtos/card-howto/en/smartcard-howto-single.html#id25

Backup-Option of 'card-edit->generate' not working as intended?

for a gnupg smartcard and having a backup of the whole keypair for the case that the stick got broken or just to copy the keys to another stick. To keep it simple, I tried the generation option of gpg, that intends to create the keypair and inserting it to the card or respectively create the keys on

Re: GnuPG card && using the backup secret key

On 13/06/17 12:51, Matthias Apitz wrote: > $ gpg2 --edit-key sk_61F1ECB625C9A6C3.gpg Unfortunately you got lost in the advice from multiple people :-). This file sk_... is not a public key. It is just the backup of the material that is in one of the slots of the card. When Werner said &q

Re: GnuPG card && using the backup secret key

El día martes, junio 13, 2017 a las 02:30:05p. m. +0300, Teemu Likonen escribió: > Matthias Apitz [2017-06-13 12:51:01+02] wrote: > > > $ gpg2 --edit-key sk_61F1ECB625C9A6C3.gpg > > Command --edit-key edits a key in your keyring. I'd guess that you want I did 1:1 what Werner suggested; > to im

Re: GnuPG card && using the backup secret key

Matthias Apitz [2017-06-13 12:51:01+02] wrote: > $ gpg2 --edit-key sk_61F1ECB625C9A6C3.gpg Command --edit-key edits a key in your keyring. I'd guess that you want to import keys: gpg2 --import sk_61F1ECB625C9A6C3.gpg Then you can edit them with --edit-key. -- /// Teemu Likonen - .-..

Re: GnuPG card && using the backup secret key

Am 13.06.2017 um 12:20 schrieb Matthias Apitz: >> AFAIK the "backup process" during key creation for the OpenPGP smartcard >> is a bit different: There is no interface / function on the card to >> export a key. Therefore, if you decide to create a backup, a key is >

Re: GnuPG card && using the backup secret key

Hi Matthias, Am 12.06.2017 um 20:12 schrieb Matthias Apitz: > > Please note: I have changed the Subject: of the thread to match better > the real problem. > > During generating the keys on the GnuPG card, one can (and should) > create some backup of the secret key into a f

Re: GnuPG card && using the backup secret key

El día martes, junio 13, 2017 a las 11:58:51a. m. +0200, Werner Koch escribió: > On Mon, 12 Jun 2017 20:12, g...@unixarea.de said: > > > create some backup of the secret key into a file. It is totally unclear > > to me how to make something usefull out of this file, for exa

Re: GnuPG card && using the backup secret key

El día martes, junio 13, 2017 a las 11:52:46a. m. +0200, Thomas Jarosch escribió: > > Please note: I have changed the Subject: of the thread to match better > > the real problem. > > > > During generating the keys on the GnuPG card, one can (and should) > > create

Re: GnuPG card && using the backup secret key

On Mon, 12 Jun 2017 20:12, g...@unixarea.de said: > create some backup of the secret key into a file. It is totally unclear > to me how to make something usefull out of this file, for example import > it into a "normal" secret keyring to use it in case of the GnuPG acrd To try

GnuPG card && using the backup secret key

Please note: I have changed the Subject: of the thread to match better the real problem. During generating the keys on the GnuPG card, one can (and should) create some backup of the secret key into a file. It is totally unclear to me how to make something usefull out of this file, for example

Re: Announcing paperbackup.py to backup keys as QR codes on paper

Hi Peter, > So I think the three initial bytes of an MD5 would work well to detect > typing errors. I just implemented the line checksums as discussed. Kind regards, Gerd ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mail

Re: Announcing paperbackup.py to backup keys as QR codes on paper

On 27/02/17 11:50, Gerd v. Egidy wrote: > echo -n "line content to check" | md5sum | cut -c -6 Yes, that should work just as well in practice, I think. 24 bits of checksum is slightly weaker than 32, but I don't think it matters. > But I think a collision at the first 3 bytes is less likely with

Re: Announcing paperbackup.py to backup keys as QR codes on paper

Hi Peter, thank you very much for helping with paperbackup.py and sending your python code. > > Ideally it is a tool or combination of tools already deployed widely, like > > sed and sort I used in paperrestore. This would make the checksums still > > usable even when the source to paperbackup.p

Re: Announcing paperbackup.py to backup keys as QR codes on paper

By the way, don't worry about the license. I just slapped it on there because you need /something/. (I didn't even look at paperbackup.py's license, which was dumb, I would have put an MIT license on it otherwise.) If you're going to use it, I assume you're just going to embed the few lines of cod

Re: Announcing paperbackup.py to backup keys as QR codes on paper

Crap, silly me... why do I always notice these things only after I've hit send? On 24/02/17 17:17, Peter Lebbing wrote: > The following Python: > from posixcksum import PosixCkSum from base64 import b64encode crc, _ = PosixCkSum.sum_whole(bytearray(b'123456789')) b64encode(crc

Re: Announcing paperbackup.py to backup keys as QR codes on paper

On 23/02/17 13:36, Gerd v. Egidy wrote: > So I think that this would move the bar for a possible user of paperbackup.py > higher than I want to. Yes, it should be easy to use. In fact, I've sometimes heard the complaint that "paperkey is not easy to install and/or use". That's really too bad th

Re: Announcing paperbackup.py to backup keys as QR codes on paper

bout the availability of gnupg as > much > as qrcodes. If there is still software that can work with OpenPGP v4 keys, then you can restore your private key from your paperkey-style backup. If there is no more software that can work with OpenPGP v4 keys, what are you going to do with your restor

OpenPGP third-party certifications do not imply trust [was: Re: Announcing paperbackup.py to backup keys as QR codes on paper]

[ not on-topic for this thread, hence the subject change ] On Thu 2017-02-23 05:00:54 -0500, Gerd v. Egidy wrote: >> The certificate (aka public key) includes all signatures, all the data >> on the keyserver. It's data you don't really need to back up since it is >> public, and it can be huge. My

Re: Announcing paperbackup.py to backup keys as QR codes on paper

On Thu 2017-02-23 03:54:12 -0500, Thomas Jarosch wrote: > In the interest of humanity and the cause of science, I've just tried again > with a throwaway key :) This time it worked just fine. The "only" thing > that's > changed is that I've upgraded from Fedora 22 to Fedora 25 since I last tried.

Re: Announcing paperbackup.py to backup keys as QR codes on paper

Il 23/02/2017 11:00, Gerd v. Egidy ha scritto: > If we are talking centuries, I'd worry about the availability of gnupg as > much > as qrcodes. Both are publicly available standards, but I don't know if they > are still available and understandable by then. I'd recommend going to > plaintext o

Re: Announcing paperbackup.py to backup keys as QR codes on paper

> You might consider using a font designed for OCR rather than the current > font. I tried to change to OCR-B or Inconsolata http://stackoverflow.com/questions/316068/what-is-the-ideal-font-for-ocr but getting that to work with enscript is not easy, as you have to find and install afm and pfb i

Re: Announcing paperbackup.py to backup keys as QR codes on paper

Hi Daniel, On Wednesday, 22 February 2017 15:50:21 CET Daniel Kahn Gillmor wrote: > On Wed 2017-02-22 10:10:51 -0500, Thomas Jarosch wrote: > > I've tried paperkey with Gnupg 2.1.13 and it had trouble parsing the > > secret > > key data. May be the internal packet format changed or needs adaption.

Re: Announcing paperbackup.py to backup keys as QR codes on paper

> I'm a little > surprised that your code is as large as it is, too: using an alternate > pipeline you might be able to significantly reduce code size. > > (a) use Python 3's gpg module to export the secret key > (b) paperkey --output-type raw --secret-key key.gpg --output key.raw I want paperbac

Re: Announcing paperbackup.py to backup keys as QR codes on paper

Hi Peter, > The certificate (aka public key) includes all signatures, all the data > on the keyserver. It's data you don't really need to back up since it is > public, and it can be huge. My key.asc file is 137,424 bytes following > your instructions. Seems you are trusted by much more people tha

Re: Announcing paperbackup.py to backup keys as QR codes on paper

On February 21, 2017 9:34:17 AM EST, "Gerd v. Egidy" wrote: >Hi, > >I'd like to announce a program I wrote to backup GnuPG and SSH keys as >qrcodes on paper: > >paperbackup.py >https://github.com/intra2net/paperbackup > Just wanted to say thanks for sha

Re: Announcing paperbackup.py to backup keys as QR codes on paper

On 22/02/17 16:10, Thomas Jarosch wrote: > May be the internal packet format changed or needs adaption. It is not an internal packet format by the way, it is defined in RFC 4880 (OpenPGP Message Format). And all GnuPG versions output their keys formatted according to OpenPGP, so the problem you're

Re: Announcing paperbackup.py to backup keys as QR codes on paper

On 22/02/17 16:10, Thomas Jarosch wrote: > When I think about long term storage, I'd rather rely on the full data > instead of a snippet of the openpgp packets. I understand that. However, let me point out that any errors parsing will only occur while *creating* a backup with paperk

Re: Announcing paperbackup.py to backup keys as QR codes on paper

ed or needs adaption. When I think about long term storage, I'd rather rely on the full data instead of a snippet of the openpgp packets. The argument about re-downloading the public key from the keyservers is valid though, but for the secret key a full backup is preferred in our use case. It

Re: Announcing paperbackup.py to backup keys as QR codes on paper

> Oh, as an aside, the advantage of paperkey is that it is > self-describing. I'll chime in with another recommendation for Paperkey. I'm a little surprised that your code is as large as it is, too: using an alternate pipeline you might be able to significantly reduce code size. (a) use Python 3

  1   2   3   >