same private key at multiple accounts

same private key at multiple accounts

Post by F. Reine » Wed, 25 Jun 2003 03:39:39



Saluton,

Short version:

    How do I use the same private/public key pair at several accounts?

Long version:

I've been using GPG for some time, mainly to secure the transmissions of
jobs
to be executed on a remote account or to update web pages etc.; as
encryption
was done only by me or some script, there was no problem with using a
separate
key for every account involved.

Now, however, I want to start using GPG for regular e-mail, and I am not
quite
sure on how to handle the following situation:

- There are two accounts, A and B;

- any mail that arrives at A and survives spam filters is kept for some
time
  as a local copy at A and forwarded to B as well;

- I want to be able to decrypt the message at both A and B.

Clearly I could use two different keys for the two accounts and tell
people
that they should encrypt the message to both A and B, but this is
impractical
to say the least; the alternative is to have the same private key on
both accounts.

I know how to generate a key with GPG at A, but how can I get B to use
the same
key for decrypting; in particular, how can I transmit the private key?
Is it
sufficient to just copy a couple of files from one machine to the other?
And how
will that affect any private keys already in use there?

TIA,

Albert.

P.S.: Please do not Cc: to the adress from where I am sending; if you
want,

 
 
 

same private key at multiple accounts

Post by Neil W Ricker » Wed, 25 Jun 2003 04:28:42



>I know how to generate a key with GPG at A, but how can I get B to use
>the same
>key for decrypting; in particular, how can I transmit the private key?

        gpg --export-secret-keys keyid

then import on the other machine.

 
 
 

same private key at multiple accounts

Post by Paranoi » Wed, 25 Jun 2003 11:53:42


Do not transmit the key, carry it on secure media (secure as in you have
physical control over it).

You can import any number of keys and as long as you know the pass phrase,
the corresponding key will be used.




> >I know how to generate a key with GPG at A, but how can I get B to use
> >the same
> >key for decrypting; in particular, how can I transmit the private key?

> gpg --export-secret-keys keyid

> then import on the other machine.

 
 
 

same private key at multiple accounts

Post by F. Reine » Wed, 25 Jun 2003 21:23:14


Paranoid:

> Do not transmit the key, carry it on secure media (secure as in you have
> physical control over it).

> You can import any number of keys and as long as you know the pass phrase,
> the corresponding key will be used.



> > gpg --export-secret-keys keyid

> > then import on the other machine.

Thanks a lot; I take it that scp should be fine, though?

Regards,

Albert.

 
 
 

same private key at multiple accounts

Post by Frederic Woodbrid » Thu, 26 Jun 2003 02:38:15



> Thanks a lot; I take it that scp should be fine, though?

> Regards,

> Albert.

Yes, that should be sufficient. However, if you're truly paranoid, use
the most secure method of transfer. Then again, you may be mugged on
your way from one location to another...oh boy, the mind boggles! :-)