What’s the benefit to this setup? Since your master keypair isn’t stored on your traveling laptop, that means you can revoke the subkeys on your laptop should your laptop be stolen. Your laptop keypair is what you’ll use for day-to-day GPG usage. This transforms your master keypair into your laptop keypair. Then use GPG to remove the original signing subkey, leaving only the new signing subkey and the encryption subkey. Your master keypair is the one whose loss would be truly catastrophic.Ĭopy your master keypair to your laptop. Store it in a protected place like your house or a safe-deposit box. This new subkey is linked to the first signing key. Use GPG to add an additional signing subkey to your keypair. By default GPG creates one signing subkey (your identity) and one encryption subkey (how you receive messages intended for you). The concept behind this technique is as follows:Ĭreate a regular GPG keypair. But they can help mitigate the damage to your identity should your key be lost or stolen. Subkeys can’t prevent a thief from decrypting messages intended for your private key. Part of the answer to this problem is the concept of subkeys. Your only recourse would be to revoke your key, but that would mean losing years of signatures on that key and basically creating a massive inconvenience for yourself. The thief can not only decrypt messages intended for you, they can also impersonate you by signing messages with your private key. If a thief gets ahold of the laptop with your private key on it, it’s pretty much game over. Subkeys help protect your identity in case of private key (laptop) theft Fortunately it turns out this wiki page has exactly the solution we need. But I could only find one resource: the Debian Wiki entry on subkeys.
Conver gpg for outlook 2013 how to#
You’d think that today, where laptops and world travel are commonplace, there’d be a little more information on how to secure a private key you have to travel with. On the other hand, if your laptop is stolen then you risk losing your entire online identity, perhaps going back years, because the thief would have access to your private key and could then impersonate you. On one hand, you need your private key with you to decrypt or sign messages. Protecting your keypair on a laptop is tricky. There also isn’t too much information on how to protect your keypair if you use a laptop that might get lost or stolen. Unfortunately a lot of it is old advice and recommends settings that today might be unsafe.
There’s a lot of information online on how to create a new GPG keypair. While I’ll do my best to keep this guide updated with what I personally consider to be the latest best practice, I can’t guarantee anything and I can’t answer any GPG-related questions. Please make sure to do your own research to ensure the explanations and steps below make sense for you and your situation. There are a lot of ways of creating a functional keypair, and my perfect way may not be your perfect way.
Conver gpg for outlook 2013 software#
The encryption technology landscape can change rapidly, the PGP standard is bewilderingly complex, and GPG is a stunningly obtuse piece of software on the best of days. I’m just an enthusiast who thinks encryption is a critical part of modern society. This guide was created by synthesizing a lot of different information and tutorials available online, but I’m not a GPG developer, or even a cryptography professional. Creating the perfect GPG keypair March 13 th, 2013īefore you start reading, keep in mind that I’m a layperson, just like you. I’m a software developer who runs Scribophile, an online writing group for serious writers, Writerfolio, an online writing portfolio service for freelancers, and Standard Ebooks, an open source project that produces liberated ebooks for the true book lover. Creating the perfect GPG keypair - Alex Cabal Alex Cabal