How can I keep my gpg private key on removable media in Windows?

2

I use GPG through Cygwin on Windows. I don't want to store my key on my laptop as a convenient file for a casual tech-savvy thief to grab if they steal the machine, so I'd like to keep it on a USB that I can keep with my house keys (I'm aware that this isn't hyper-secure, and I'm sure the keys would be forensically-retrievable from the machine, but I don't really care about that).

How can I do this? I want GPG to look for my keyring elsewhere, not .gnupg. I don't think a command-line flag to GPG would do it, because I'm using programs that invoke GPG and can't forward the flags.

Am I missing a configuration option?

Archeus

Posted 2014-08-26T21:48:42.520

Reputation: 23

Is it possible? Yes; there is no difference between storing the key on the HDD or a flash drive. You just have to point it to that directory. – Ramhound – 2014-08-26T22:20:54.503

Please read the post. By default, GPG looks for my keystore in ~/.gnupg. I need to tell it to look in (for example) e:\keystore instead, and I don't know how. – Archeus – 2014-08-26T22:22:43.820

So change where GNUPG looks for it. – Ramhound – 2014-08-26T22:28:36.397

Yes. You have identified the question. – Archeus – 2014-08-26T22:31:48.033

Answers

1

Move all of .gnupg to your USB stick. The native GnuPG for Windows builds have a registry setting, but the most portable option (working with both native and Cygwin versions) is to set the GNUPGHOME environment variable.

If your Windows version has setx, run it from the Command Prompt:

C:\> setx GNUPGHOME A:\Private\gnupg

Otherwise, open the "System" Control Panel item (sysdm.cpl), go to the "Advanced" tab, and add the environment variable there.

Log out & log in again to make sure all programs have picked up the change.

user1686

Posted 2014-08-26T21:48:42.520

Reputation: 283 655
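
A post-move check for the setup described in the answer above, written for Cygwin bash or any POSIX sh. It is an added example, not part of the original answer, and the function names are hypothetical. It confirms that the directory GNUPGHOME points to is present and holds the private keys, and that no private key files remain in the old ~/.gnupg on the laptop's disk.

```shell
#!/bin/sh
# Added example: names below are hypothetical, not part of GnuPG.

# Print any private key files found directly under a GnuPG home directory.
find_key_material() {
    dir=$1
    [ -d "$dir" ] || return 0
    # secring.gpg: secret keyring used by GnuPG 1.4 and 2.0
    if [ -s "$dir/secring.gpg" ]; then printf '%s\n' "$dir/secring.gpg"; fi
    # private-keys-v1.d/*.key: secret key store used by GnuPG 2.1 and later
    for f in "$dir"/private-keys-v1.d/*.key; do
        if [ -e "$f" ]; then printf '%s\n' "$f"; fi
    done
    return 0
}

# check_gnupg_home NEW_HOME OLD_HOME
# 0 = ok, 1 = NEW_HOME unset or media not present,
# 2 = private keys still under OLD_HOME, 3 = no private keys under NEW_HOME
check_gnupg_home() {
    new=$1
    old=$2
    # setx stores a Windows path (A:\...); convert it when running under Cygwin
    if [ -n "$new" ] && command -v cygpath >/dev/null 2>&1; then
        new=$(cygpath -u "$new")
    fi
    if [ -z "$new" ] || [ ! -d "$new" ]; then
        echo "GNUPGHOME is unset or the media is not plugged in: '$new'" >&2
        return 1
    fi
    leftovers=$(find_key_material "$old")
    if [ -n "$leftovers" ]; then
        echo "private key files are still on the local disk:" >&2
        echo "$leftovers" >&2
        return 2
    fi
    if [ -z "$(find_key_material "$new")" ]; then
        echo "no private key files found under $new" >&2
        return 3
    fi
    return 0
}

# Run the check only when asked to: sh check_gnupghome.sh --check
if [ "${1:-}" = "--check" ]; then
    check_gnupg_home "${GNUPGHOME:-}" "$HOME/.gnupg"
    exit $?
fi
```

A return code of 2 means the key files were copied rather than moved, so the copy under ~/.gnupg is still there for anyone who takes the machine.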