SLUG Mailing List Archives
[SLUG] key management for pgp keys
- To: slug <slug@xxxxxxxxxxx>
- Subject: [SLUG] key management for pgp keys
- From: Ken Foskey <foskey@xxxxxxxxxxxxxxxx>
- Date: Fri, 13 Feb 2004 22:15:16 +1100
At work we have a client that wants to keep data encrypted during
transfers end to end. They would like to use pgp to encrypt their data
(changing to ssh would take a crowbar and lot's of time).
If we have their public key installed on our three separate computer
systems on three sites then there is 3 times the opportunity for the key
to be compromised. How do others deal with it.
a) Store it in three places and ensure that only one individual can use
it in those three places.
b) Use some sort of central repository, pull the key at need (eg ssh
and scripting to delete after use).
Any other thoughts on how to protect the keys?