Should I backup a GPG key used for Authentication?



  • Regarding backups (escrows) of GPG (OpenPGP compliant) keys, I seem to understand that (E)ncryption keys need to be backed up, to prevent data loss, and that (S)igning keys should not be backed up, because it is crucial that the owner is absolutely certain that they are the only one who can use the signing key at any moment.

    Is there a good protocol regarding backing up (A)uthentication keys? I could imagine no backups because only you want to be able to authenticate yourself, but on the other hand if you lose your authentication key and you need to ssh into a VPS with it, you're out of luck (but with a server at home you could just wait to get physical access to replace the public ssh key).

    So does it depend on your situation? I'm asking this question because I am using a Master (C) key with separate Encryption, Signing, and Authentication subkeys. I could conceive of making a Master (CA) key, and then putting two public authentication keys on your VPS (one tied to your (CA) Master key and the other to your (A) Subkey), so in case you lose your (A) subkey, you can dig up your basement, get your (CA) Master key, and ssh into the VPS to remove the old (A) Subkey public key and add a new (A) Subkey public key.

    Thanks in advance.
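
The (CA) master plus (A) subkey layout sketched in the question, as an added example that is not part of the original thread: it builds the keys in a throwaway GNUPGHOME, writes the two authorized_keys lines for the VPS, exports a subkey-only backup and checks that the backup cannot act as the master. It assumes GnuPG 2.1+ on PATH; the user id, paths and file names are constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the thread: certify+auth master with separate S/E/A
# subkeys in a throwaway GNUPGHOME, then what goes to the VPS and what gets
# backed up. Assumes GnuPG 2.1+; user id, paths and file names are constructed.
set -eu
command -v gpg >/dev/null 2>&1 || { echo "gpg not on PATH, nothing to demo"; exit 0; }

WORK=$(mktemp -d)
export GNUPGHOME="$WORK/gnupg"
mkdir -m 700 "$GNUPGHOME"
# No passphrase so the demo runs unattended; a real key set gets one.
g() { gpg --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }

# 1. Master (CA) key plus signing, encryption and authentication subkeys.
create_keys() {
    g --quick-generate-key 'demo <demo@example.invalid>' ed25519 cert,auth never
    fpr=$(g --list-secret-keys --with-colons | awk -F: '$1=="fpr"{print $10; exit}')
    g --quick-add-key "$fpr" ed25519 sign never
    g --quick-add-key "$fpr" cv25519 encr never
    g --quick-add-key "$fpr" ed25519 auth never
    echo "$fpr"
}
# 2. authorized_keys for the VPS: the A subkey for daily use and the CA master
#    as the fallback used only to swap the subkey line if the subkey is lost.
#    The '!' suffix exports exactly that key rather than the newest auth key.
write_authorized_keys() {
    sub=$(g --list-secret-keys --with-colons "$1" \
          | awk -F: '$1=="ssb"{a=($12 ~ /a/)} $1=="fpr" && a{print $10; exit}')
    { g --export-ssh-key "$sub!"; g --export-ssh-key "$1!"; } > "$2"
    wc -l < "$2" | tr -d ' '
}

# 3. Backup set: secret subkeys only. The master secret key is replaced by a
#    stub, so this file alone can never certify or act as the CA key.
export_backup() { g --export-secret-subkeys --armor "$1" > "$2"; }

# 4. Check the backup: imported into a fresh homedir, the primary must be a
#    stub ("sec#" in the listing; field 15 of the colon output is "#").
verify_backup() {
    tmp=$(mktemp -d); chmod 700 "$tmp"
    g --homedir "$tmp" --import "$1" 2>/dev/null
    g --homedir "$tmp" --list-secret-keys --with-colons \
      | awk -F: '$1=="sec"{print ($15=="#") ? "stub" : "full"; exit}'
}

FPR=$(create_keys)
echo "VPS authorized_keys has $(write_authorized_keys "$FPR" "$WORK/authorized_keys") lines"
export_backup "$FPR" "$WORK/subkeys-backup.asc"
echo "master key in backup: $(verify_backup "$WORK/subkeys-backup.asc")"
```

Only the subkeys-backup.asc file (passphrase-protected in real use) needs to be escrowed; the master secret key stays wherever you keep it offline.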



  • In general, you should back up data you think is valuable and don't want to lose, especially data that you cannot easily recreate. Whether that applies in this case, since you can create a new signing key (assuming you have a revocation certificate for the old one), is up to you. There is no single right answer for this case.

    Note that backups need not be done insecurely. I use Tarsnap for backups, which is a service that implements client-side encryption and deduplication, so all the server sees is just chunks of encrypted data. Therefore, I feel comfortable backing up things like secret keys since only I can get at the data.


