
To back up the passwords a copy of ~/.password-store/ is enough, but to completely recover, a backup of the gpg keys is also required. What's your strategy for this? Do you just back up the entire ~/.gnupg/ directory?
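An added example, not written by anyone in this thread: a Python check that every recipient named in the store's `.gpg-id` files has a secret key in the backed-up keyring, reading the output of `gpg --list-secret-keys --with-colons`. The sample listing, key IDs and addresses are constructed, the function names are hypothetical, and `.gpg-id` entries are assumed to be key IDs, fingerprints or e-mail addresses.

```python
import re, tempfile
from pathlib import Path

# Constructed sample of `gpg --list-secret-keys --with-colons` run against the backup keyring.
SAMPLE_COLONS = """\
sec:u:255:22:7777888899990001:1600000000:::u:::scESC:
fpr:::::::::1111222233334444555566667777888899990001:
uid:u::::1600000000::0000::Alice Example <alice@example.org>:
"""

def backed_up_identities(colons):
    """Return (hex key IDs/fingerprints, uid e-mail addresses) found in the listing."""
    hex_ids, emails = set(), set()
    for line in colons.splitlines():
        f = line.split(":")
        if f[0] in ("sec", "ssb") and len(f) > 4:
            hex_ids.add(f[4].upper())          # field 5: 64-bit key ID
        elif f[0] == "fpr" and len(f) > 9:
            hex_ids.add(f[9].upper())          # field 10: full fingerprint
        elif f[0] == "uid" and len(f) > 9:
            m = re.search(r"<([^>]+)>", f[9])  # field 10: "Name <email>"
            if m:
                emails.add(m.group(1).lower())
    return hex_ids, emails

def missing_recipients(store, colons):
    """Map each .gpg-id file to the recipients the backup has no secret key for."""
    hex_ids, emails = backed_up_identities(colons)
    missing = {}
    for gpg_id in sorted(Path(store).rglob(".gpg-id")):  # subfolders may have their own
        for rcpt in filter(None, map(str.strip, gpg_id.read_text().splitlines())):
            if "@" in rcpt:
                m = re.search(r"<([^>]+)>", rcpt)
                found = (m.group(1) if m else rcpt).lower() in emails
            else:  # short ID, long ID or fingerprint: compare as a suffix
                key = re.sub(r"^0x|\s", "", rcpt, flags=re.I).upper()
                found = any(h.endswith(key) for h in hex_ids)
            if not found:
                missing.setdefault(gpg_id.relative_to(store).as_posix(), []).append(rcpt)
    return missing

def demo():
    """Build a throwaway store with two .gpg-id files and check it."""
    with tempfile.TemporaryDirectory() as d:
        store = Path(d)
        (store / "work").mkdir()
        (store / ".gpg-id").write_text("alice@example.org\n")
        (store / "work" / ".gpg-id").write_text("0x99990001\nbob@example.org\n")
        return missing_recipients(store, SAMPLE_COLONS)

if __name__ == "__main__":
    print(demo())
```

An empty result means every folder of the store can be decrypted with the keys in the backup; any entry listed is a recipient whose secret key still needs to be backed up.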


Hardware Yubikeys (2 for daily use, one as backup) with a paperkey backup.

If my main key breaks, I can switch to the backup key which gives me a buffer to set up a new key from my backup.

The ArchWiki has a decent guide: https://wiki.archlinux.org/index.php/Paperkey


I use passphrase2pgp[1] so I can recreate my GPG key anywhere. I need to remember three pieces of information:

- passphrase (long sentence, but it's easy to remember)
- uid (Name <email> - easy)
- timestamp (10 digits - kinda hard to memorize but you can have it noted in plain text since it's not sensitive information)

[1]: https://github.com/skeeto/passphrase2pgp


I have my key on multiple devices (e.g. my phone where I use the Password Store app). Then I have backups of the key as .asc on USB drives as well as printed on paper at two different physical locations.



