Differences between revisions 1 and 2
Revision 1 as of 2017-08-31 21:57:31
Size: 2031
Comment: Pasted modified text from https://lists.debian.org/debian-project/2017/08/msg00054.html (Jonathan McDowell )
Revision 2 as of 2017-08-31 22:09:46
Size: 2626
Comment: Some notes after reading https://lists.debian.org/debian-project/2017/08/msg00056.html(Christian Seiler)
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
Keeping the master key offline reduces the risk that it is stolen. Using [[Subkeys|subkeys]] and keeping the master key offline reduces the risk
that it is stolen. Subkeys can be revoked easily without compromising
the master key and losing its connection to the web of trust.
Line 10: Line 12:
environment. Create at least 2 [[Subkeys|subkeys]] - signing + encryption - environment.  Encryption (LUKS) of the filesystem provides additional
security, as it hides the the fact that the USB device contains a GPG key.
Create at least 2 [[Subkeys|subkeys]] - signing + encryption -
Line 26: Line 30:
key that is signing enabled might be the best option? key that is signing enabled might be the best option? Some dongles
can be configured to remember the passphrase for some time. It may
be better to not remember the one of the signing key, but remembering
the one of the encryption key for short while may be acceptable.
Line 38: Line 45:
 * Yubikey: Recent models are entirely closed. However they're easily
  
available and physically robust.
 * !YubiKey: Recent ([[Smartcards/YubiKey4|YubiKey 4]]) models are entirely
  
closed. However they're easily available and physically robust.  The
   !YubiKey Neo does not support 4096-bit RSA keys.

Offline master key

Using subkeys and keeping the master key offline reduces the risk that it is stolen. Subkeys can be revoked easily without compromising the master key and losing its connection to the web of trust.

If you don't want to buy ?hardware, use an offline master key. See ?GnuPG/Airgapped for a comprehensive step-by-step example. In brief: Create a certification only master key using something like PGP Clean Room on a non-networked host, and store that on a USB key you only ever put into your machine when running your clean, non-networked, environment. Encryption (LUKS) of the filesystem provides additional security, as it hides the the fact that the USB device contains a GPG key. Create at least 2 subkeys - signing + encryption - and use those in your day to day work. You then only need the master key when dealing with signing other keys, or updating your subkeys. In the event of your subkeys being compromised or lost or whatever you can just regenerate; because your master key is offline it should remain secure meaning you don't have to go through the pain of getting cross signatures again.

If you want to buy hardware then one of the self contained USB tokens that look like a smartcard + reader to the OS is probably easiest. Unfortunately, most (all ?) only supports 3 keys on the device and those are one each of signing, encryption + authentication. Which means one can't have a master certification key and a signing subkey on the same device. Thus, if you can manage it, have 2 devices; one with the master and the other with your day-to-day keys. Otherwise I guess having a master key that is signing enabled might be the best option? Some dongles can be configured to remember the passphrase for some time. It may be better to not remember the one of the signing key, but remembering the one of the encryption key for short while may be acceptable.

Notes on hardware:

  • GnuK: Supports RSA4096 (but is slow). The hardware is open. The software
    • is open (you can compile and flash it using tools available in main). Upstream is responsive (and a DD). However it's physically not quite as polished and there are availability issues.
  • Nitrokey Start: Based on the GnuK (note their other devices are not) and
    • might be more physically robust will still being reasonably Free.
  • YubiKey: Recent (YubiKey 4) models are entirely

    • closed. However they're easily available and physically robust. The

      YubiKey Neo does not support 4096-bit RSA keys.