I’m interested to know whether you have a specific process or tool you use for managing your PGP keys?

I was thinking it’d be great if Lemmy allowed you to use PGP to verify your identity across multiple users on different instances. This made me think I need a good way to make sure I never lose my keys!

  • benkinder@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I install my keys on 5 Yubikeys and then encrypt a copy of the private key so that it can only be decrypted with one of the Yubikeys. I store the encrypted bundle on Google drive and I’ve spread out the Yubikeys a little geographically by sending them to friends who I trust (PIN is still required to use the Yubikey so there’s still a layer of security). I also keep one of them in a safe at my house just in case.

    I do feel like I may have gone a little overboard but maybe something similar could work for you!