[Sussex] Possible presentation
Colin Tuckley
colin at tuckley.org
Sun Oct 29 08:56:08 UTC 2006
Stephen Williams wrote:
> 3. Do I store the whole ~/.gnupg directory on the USB drive and symlink
> ~/.gnupg to it?
You could do, but...
that would mean that you would need your usb drive plugged in for *any* gpg
operation.
What I do is to move *just* the secret keyring file (secring.gpg) onto my
usb drive and then add the following line to my ~/.gnupg/gpg.conf
secret-keyring /path/to/usb/drive/secring.gpg
That way the public keyring is always available and things like checking the
sig on an email doesn't need you to plug your usb drive in.
This a) saves time when reading email and b) is more secure since you secret
key is not mounted unnecessarily.
Other useful options to set in gpg.conf are:
default-key <your key Id> #The default key to use for signing
keyserver hkp://subkeys.pgp.net # a default keyserver to use
keyserver-options auto-key-retrieve # get a key you don't have but
# need to check a sig automatically
regards,
Colin
--
Colin Tuckley | colin at tuckley.org | PGP/GnuPG Key Id
+44(0)1903 236872 | +44(0)7799 143369 | 0x1B3045CE
A. Because it breaks the logical sequence of discussion Q. Why is top
posting bad?
More information about the Sussex
mailing list