
According to a number of articles, e.g. "Creating the Perfect GPG Keypair," it is advisable to have a number of subkeys in your GPG key, one for encryption, and one for signing, and then to (a) back up your keys as well as a revocation certificate [ideally on paper too] and (b) remove the "primary" signing secret key from your laptop, so that gpg -K returns:

/home/bilbo/.gnupg/secring.gpg
-----------------------------
sec#  4096R/488BA441 2013-03-13
uid                  Bilbo Baggins <bilbo@shire.org>
ssb   4096R/69B0EA85 2013-03-13
ssb   4096R/C24C2CDA 2013-03-13

... with the goal being that if your laptop is stolen you can properly revoke the keys.

I use Filevault 2 on my Mac & also have a firmware password -- so hopefully if my laptop is stolen or lost, I won't have to be concerned that someone will be able to access the data. Is it truly necessary to remove the primary signing secret key? I'm mostly concerned that I will lose the backups of the secret key and thus lose access to the keys.

Jason
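As an added example (not code from the question, the answer, or the article it cites), the procedure the question describes run end to end in a throwaway GnuPG home: a certify-only primary key with a signing subkey and an encryption subkey, a backup of the secret keys and of the revocation certificate, removal of the primary secret key, and a check that gpg -K now shows sec# while the subkeys still sign. It assumes GnuPG 2.2 or later on PATH; the user id, the temporary paths and the DEMO_RC variable are constructed for the example, and it uses Ed25519/Curve25519 keys instead of the 4096-bit RSA keys in the question so that it runs in seconds. Deleting the primary's keygrip file under private-keys-v1.d is one way to detach the primary; exporting the subkeys, deleting all secret keys and re-importing the subkey export is the older equivalent.

```shell
#!/bin/sh
# Added example, not part of the original question or answer.
# Assumptions: GnuPG 2.2+ on PATH; the user id is a constructed placeholder;
# everything is written to a temporary GNUPGHOME that is deleted at the end.

USERID='Bilbo Baggins <bilbo@example.invalid>'

# Every gpg call is non-interactive; the empty passphrase keeps the demo free of pinentry.
g() {
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' "$@"
}

# Returns 0 when the primary secret key is a stub (sec#) and the subkeys still work,
# 77 when gpg is not installed (nothing to demonstrate), 1 on any other failure.
detach_primary_demo() {
    command -v gpg >/dev/null 2>&1 || { echo 'gpg not found, skipping demo' >&2; return 77; }

    GNUPGHOME=$(mktemp -d) || return 1
    export GNUPGHOME
    chmod 700 "$GNUPGHOME"
    backup="$GNUPGHOME/backup"
    mkdir -p "$backup"

    # 1. Certify-only primary key, then one signing subkey and one encryption subkey.
    g --quick-gen-key "$USERID" ed25519 cert 0 || return 1
    fpr=$(gpg --batch --with-colons --list-keys "$USERID" | awk -F: '/^fpr/ { print $10; exit }')
    [ -n "$fpr" ] || return 1
    g --quick-add-key "$fpr" ed25519 sign 0 || return 1
    g --quick-add-key "$fpr" cv25519 encr 0 || return 1

    # 2a. Back up before touching the keyring: the full secret key, the subkeys alone,
    # and the revocation certificate GnuPG 2.1+ writes to openpgp-revocs.d/ at creation.
    g --armor --export-secret-keys "$fpr" > "$backup/primary-secret.asc" || return 1
    g --armor --export-secret-subkeys "$fpr" > "$backup/subkeys-secret.asc" || return 1
    cp "$GNUPGHOME/openpgp-revocs.d/$fpr.rev" "$backup/revocation.asc" || return 1

    # 2b. Remove only the primary secret key. GnuPG 2.1+ stores each secret key as
    # private-keys-v1.d/<keygrip>.key; the first grp record printed by -K is the primary's.
    grp=$(gpg --batch --with-colons --with-keygrip -K "$fpr" | awk -F: '/^grp/ { print $10; exit }')
    [ -n "$grp" ] || return 1
    rm "$GNUPGHOME/private-keys-v1.d/$grp.key" || return 1

    # 3. Verify: the listing now shows sec# (stub primary) with ssb lines still present,
    # and the signing subkey still produces a signature that verifies.
    gpg --batch -K "$fpr" | grep -q '^sec#' || return 1
    gpg --batch -K "$fpr" | grep -q '^ssb' || return 1
    printf 'hello\n' | g --clearsign | gpg --batch --verify 2>/dev/null || return 1

    gpgconf --kill gpg-agent 2>/dev/null
    rm -rf "$GNUPGHOME"
    return 0
}

# Stand-alone run: DEMO_RC holds the function's result (0 ok, 77 skipped, 1 failed).
DEMO_RC=0
detach_primary_demo || DEMO_RC=$?
```

The backup directory sits under the temporary GNUPGHOME only for the demonstration; in practice primary-secret.asc and revocation.asc go to offline storage (the paper or QR-code printout the answer mentions) and subkeys-secret.asc is what gets imported on the laptop, which is exactly the state the sec#/ssb listing in the question shows.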

1 Answer


Yes

Although you have taken good precautions against loss or theft of your laptop, you remain vulnerable to electronic attacks. In particular browser-based malware could take control of your computer and steal your PGP key.

The point of using subkeys is that you keep the master key somewhere really safe - which is not your everyday laptop. There have been other questions on here about where to keep your keys safe. A popular suggestion was to print out a QR code encoding of your key, and keep the printout safe.

paj28