Subject: Re: wanted: educate us please on key dongles



On 02/08/17 21:16, Adam Borowski wrote:
> Hi!
> Continuing from IRC:
> It would be nice if someone knowledgeable could educate the rest of us about
> physical key dongles -- a number of DDs/DMs/contributors still keep their
> secret keys on a regular disk, and could use a primer. Me included. I do
> have a backup key with plenty of sigs that's stored securely, but my regular
> key is on the same physical machine I test random software on.
>
> There are docs available on the interwebs, but:
> 21:22 < lamby> The concept of following random docs/commands on the web in
> order to get a "super secure" key makes me smie :)
>
> There's GNUK ("out of stock"), Nitrokey and others -- but how do they
> differ? Actually, at this point it would be easier to skip the details and
> say "if you don't know any better, buy X".
>
>
> Thus: can I has "key dongles for dummies", plz?

We do have documents but they are spread over the wiki, some of them
contain duplicate information and they link back and forth between each
other. Examples below.

How could we refine that into a step-by-step "howto" guide that takes
any user from whatever situation they are in today (whether it is bare
metal or already using some other OS or an existing Debian user) and
helps them reach a place where they are using PGP securely?


https://keyring.debian.org/creating-key.html
https://wiki.debian.org/Keysigning

https://wiki.debian.org/Smartcards

https://wiki.debian.org/Smartcards/OpenPGP">https://wiki.debian.org/Smartcards/OpenPGP

https://wiki.debian.org/Smartcards/OpenPGP/Buying
https://wiki.debian.org/Smartcards/YubiKey4
https://wiki.debian.org/GnuPG/SmartcardSubkeys







Programming list archiving by: Enterprise Git Hosting