PGP/GPG private key management for offsite backups
Hi, I've got an offsite backup of some of my data, in case my apartment burns down etc. Since I dont have full control of the backup machine, I encrypt my data using PGP/GPG, and then upload to the backup service host. This is so far well and good. The GPG private key is on the machine in my apartment, beside possibly a copy being on some old floppy or CD-R. What happens if my apartment burns down? I will have my data backed up nice and snug on the backup service host. But since I cannot remember a 4096bit PGP private key pair, I would be in a bit of a bind. Could anyobne please offer some strategies to overcome this? I think someone on irc suggested some time ago that I mail my parents a copy of my key pair... but I'm not sure I'd want to do that (they might lose it). Thanks Srdjan
On Sun, 19 Oct 2008 15:01:35 +0100 (BST) Srdjan Todorovic <todorovic.s@googlemail.com> allegedly wrote:
I've got an offsite backup of some of my data, in case my apartment burns down etc. Since I dont have full control of the backup machine, I encrypt my data using PGP/GPG, and then upload to the backup service host.
This is so far well and good.
The GPG private key is on the machine in my apartment, beside possibly a copy being on some old floppy or CD-R.
What happens if my apartment burns down? I will have my data backed up nice and snug on the backup service host. But since I cannot remember a 4096bit PGP private key pair, I would be in a bit of a bind.
Could anyobne please offer some strategies to overcome this?
I think someone on irc suggested some time ago that I mail my parents a copy of my key pair... but I'm not sure I'd want to do that (they might lose it).
Well you could keep a copy (on the medium of your choice) at your place of work - assuming you don't work at home of course. Only you can decide the value of your data and the risk you are prepared to carry. If the data is so valuable that you are prepared to spend hard cash to protect it, then you could do what people have done for many years with paper documents and pay for a "safety deposit box" type approach and rent space with a document storage company (think yellow box, but smaller). Personally I have a safe in my garage (which is not attached to my house). Mick --------------------------------------------------------------------- The text file for RFC 854 contains exactly 854 lines. Do you think there is any cosmic significance in this? Douglas E Comer - Internetworking with TCP/IP Volume 1 http://www.ietf.org/rfc/rfc854.txt ---------------------------------------------------------------------
Srdjan Todorovic <todorovic.s@googlemail.com> wrote: [...]
I will have my data backed up nice and snug on the backup service host. But since I cannot remember a 4096bit PGP private key pair, I would be in a bit of a bind.
Could anyobne please offer some strategies to overcome this? [...]
Get a fireproof box and put some copies of the private key in it. Get multiple boxes and put them in different locations, but redundancy and security are a trade-off. I think the only thing that will get me and all my backups is a meteor taking out the UK, but at that point, I've got bigger worries. Most stuff I can rebuild, stronger than before. At work we just, ahem, tested our disaster recovery plan again. See http://planet.alug.org.uk/ Regards, -- MJ Ray (slef) Webmaster for hire, statistician and online shop builder for a small worker cooperative http://www.ttllp.co.uk/ http://mjr.towers.org.uk/ (Notice http://mjr.towers.org.uk/email.html) tel:+44-844-4437-237
On 21 Oct 13:48, MJ Ray wrote:
Srdjan Todorovic <todorovic.s@googlemail.com> wrote: [...]
I will have my data backed up nice and snug on the backup service host. But since I cannot remember a 4096bit PGP private key pair, I would be in a bit of a bind.
Could anyobne please offer some strategies to overcome this? [...]
Get a fireproof box and put some copies of the private key in it. Get multiple boxes and put them in different locations, but redundancy and security are a trade-off. I think the only thing that will get me and all my backups is a meteor taking out the UK, but at that point, I've got bigger worries. Most stuff I can rebuild, stronger than before.
Well, in the event of mereorite or nuclear war wiping out the UK, unless you're not in the UK at the time, I don't think you'll have many worries at all ;) -- Brett Parker
On 21-Oct-08 13:07:53, Brett Parker wrote:
On 21 Oct 13:48, MJ Ray wrote:
Srdjan Todorovic <todorovic.s@googlemail.com> wrote: [...]
I will have my data backed up nice and snug on the backup service host. But since I cannot remember a 4096bit PGP private key pair, I would be in a bit of a bind.
Could anyobne please offer some strategies to overcome this? [...]
Get a fireproof box and put some copies of the private key in it. Get multiple boxes and put them in different locations, but redundancy and security are a trade-off. I think the only thing that will get me and all my backups is a meteor taking out the UK, but at that point, I've got bigger worries. Most stuff I can rebuild, stronger than before.
Well, in the event of mereorite or nuclear war wiping out the UK, unless you're not in the UK at the time, I don't think you'll have many worries at all ;)
-- Brett Parker
On the contrary, Mr Parker, I fear you have misunderstood the matter. During the period while the event is pending, I shall take every step to ensure that people (including Mr Ray) will have plenty to worry about. It is a matter of record that I am very good at this. Be very afraid. With all best wishes, Yours most sincerely, ZB. zaphod.beeblebrox@cosmos.god.disorg
participants (5)
-
Brett Parker -
mbm -
MJ Ray -
Srdjan Todorovic -
Ted.Harding@manchester.ac.uk