Very Secure File Storage

Jeffrey F. Bloss jbloss at tampabay.rr.com
Wed Nov 28 14:19:55 GMT 2007


Joel Bryan Juliano wrote:

> I just lost my USB thumbdrive in an Internet Cafe.
> And it contains my private PGP key. Luckily I have a backup.

By all definitions those keys are now compromised, and you should
submit the revocation certificates you previously created to all the
appropriate people and places.

Um, you *did* create revocation certificates when you generated the
keys, and secret them away for just such an occasion... right? ;)

> 
> I don't trust storing my private PGP keys on my e-mail,
> because before this message was sent to this mailing-list and to
> everyone's e-mail addresses, it'll be passed to thousands (or millions) of
> computers around the world. Any sinister IT administrator in my ISP can
> grab my files or change "Dear Joel" to "Dear X" while it's queued to be
> transmitted to other computers and to its destination.

I don't quite understand what you mean by "storing your private keys on
your e-mail"....??

> Is there a very secure, encrypted and free file storage that I can store
> and upload my private PGP keys while I still don't have a USB
> thumbdrive?

Storing your encryption keys anywhere but on a machine or device under
your direct control is, by definition, not secure. No matter how you
look at it you're handing the keys to the fortress over to a third
party, and it's for all intents and purposes impossible to completely
lock that third party out of the loop. 

I store all my private keys in a Truecrypt volume about the size of a
256M thumb drive. I have a copy of that encrypted volume on my laptop,
and one on a thumb drive. Neither can be accessed without being mounted
using a very strong "master" pass phrase, and I sync the copies as
necessary so they serve as backups for each other. 

To make use of the keys I point config files to my mount point or
create symlinks accordingly. My gpg.conf file has a stanza similar to
this for example...

 [...]
 no-default-keyring
 keyring /home/jeff/.gnupg/pubring.gpg
 secret-keyring /home/jeff/foo/.gnupg/secring.gpg
 [...]

...where "foo" is my Truecrypt volume mount point. This leaves the
public keyring available in the default location at all times to verify
incoming signed mail and such, but the secret keyring is unavailable
without the encrypted volume being mounted.

Likewise, since I use key-only SSH access everywhere I have control over
things, in my ~/.ssh directory I symlink id_dsa and id_rsa
to /home/jeff/foo/.ssh/id_dsa and ...id_rsa. Again, the links point to
dead air unless the Truecrypt volume is mounted to /home/jeff/foo.

The actual internal structure of my Truecrypt volume contains the
appropriate .gnupg, .ssh, etc directories of course.

To wrap it all up I have a couple short scripts that mount and unmount
my Truecrypt volume(s) with easy commands instead of typing in full
paths, and some additions to my .bash* files that make sure nothing is
left wide open when I log out.

In my humble opinion this is even more secure than keeping your keys
exclusively on removable media even though there's a copy on the
machine itself. If either the machine or the thumb drive is lost
or stolen the keys themselves are inaccessible, let alone unusable due
to any passwords associated with the keys themselves. :)

-- 
     \|/      Not everything that can be counted counts, and
    (- -)       not everything that counts can be counted.
-oOO-(_)-OOo----------------------------[ Albert Einstein ]---
               np: Fangbaby - Pumpkinhead is Tough But Fair
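
One way to check the ~/.ssh symlink layout described in the message above, as an added example that is not the poster's own scripts. The function names are hypothetical, and it assumes absolute symlink targets such as /home/jeff/foo/.ssh/id_rsa.

```shell
#!/bin/sh
# Added example: audit that private-key paths are symlinks into the
# encrypted volume's mount point, never real files on the plain disk.
# Prints one "<state> <path>" line per path; states:
#   dead    - symlink into the mount point, target absent (volume unmounted)
#   live    - symlink into the mount point, target present (volume mounted)
#   plain   - regular file or directory: key material outside the volume
#   outside - symlink whose target is not under the mount point
#   missing - nothing at that path
# Returns 1 if any path is "plain" or "outside", else 0.
audit_key_links() {
    mount_point=${1%/}; shift
    rc=0
    for p in "$@"; do
        if [ -L "$p" ]; then
            target=$(readlink "$p")
            case $target in
                */../*|*/..)          # refuse targets that climb back out
                    state=outside; rc=1 ;;
                "$mount_point"/*)
                    if [ -e "$p" ]; then state=live; else state=dead; fi ;;
                *)  state=outside; rc=1 ;;
            esac
        elif [ -e "$p" ]; then
            state=plain; rc=1
        else
            state=missing
        fi
        printf '%s %s\n' "$state" "$p"
    done
    return $rc
}

# True (0) if key material is readable right now through any audited path,
# i.e. the volume is still mounted or a plain copy exists on disk.
keys_reachable() {
    report=$(audit_key_links "$@" || :)
    printf '%s\n' "$report" | grep -E '^(live|plain) ' >/dev/null
}
```

A logout hook could call `keys_reachable /home/jeff/foo ~/.ssh/id_dsa ~/.ssh/id_rsa` and unmount the volume when it returns true.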