from Hacker News

Ask HN: How do you manage PGP/SSH key backups?

by xanthine on 11/3/20, 10:20 AM with 1 comment

With different SSH keys being used for different git repos, I was considering adding those keys to my GPG keyring (which also holds those PGP keys that I use for storing passwords with pass, and signing commits), as outlined in this article:

https://opensource.com/article/19/4/gpg-subkeys-ssh-multiples

I'm however skeptical of this, as it seems like a hack at best (if this was common enough, we wouldn't have to use options like '--expert' and '--edit-key' with gpg). I'm curious as to how most people take backups of their keys, and store them securely.

  • by Hackbraten on 11/3/20, 11:04 AM

    All my SSH keypairs are files so they’re part of my usual backup regimen with hourly, daily and weekly filesystem snapshots, copied to several backup locations.

    I wouldn’t bother though if I lost my SSH keys. I’d just create and deploy new ones and invalidate the lost public keys on the servers.

    No strategy yet for PGP keys, though.
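
The "invalidate the lost public keys on the servers" step from the comment above, as an added example that is not part of the original thread: it removes entries from an `authorized_keys` file by SHA256 fingerprint, so a lost key can be revoked without having its file. The function names and the sample keys are assumptions constructed for this illustration.

```python
import base64
import binascii
import hashlib
import struct


def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint in the form `ssh-keygen -lf` prints."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def key_blob(line: str):
    """Return the decoded public-key blob of an authorized_keys line, or None."""
    tokens = line.split()
    for keytype, b64 in zip(tokens, tokens[1:]):
        try:
            blob = base64.b64decode(b64, validate=True)
        except binascii.Error:
            continue
        # The blob embeds a length-prefixed key type; this skips leading options.
        name = keytype.encode()
        if blob[:4] == struct.pack(">I", len(name)) and blob[4:4 + len(name)] == name:
            return blob
    return None


def prune(authorized_keys: str, revoked: set):
    """Drop entries whose fingerprint is revoked; return (new_text, removed)."""
    kept, removed = [], []
    for line in authorized_keys.splitlines():
        blob = None if line.lstrip().startswith("#") else key_blob(line)
        if blob is not None and fingerprint(blob) in revoked:
            removed.append(line)
        else:
            kept.append(line)
    return "\n".join(kept) + "\n", removed


def _sample(seed: int, comment: str, options: str = "") -> str:
    # Constructed ed25519-shaped blob for the demo, not a real key.
    t, p = b"ssh-ed25519", bytes([seed]) * 32
    blob = struct.pack(">I", len(t)) + t + struct.pack(">I", len(p)) + p
    return f"{options}ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"


SAMPLE = "\n".join(["# constructed sample file", _sample(1, "laptop-lost"),
                    _sample(2, "desktop", 'from="10.0.0.0/8",no-pty ')])
LOST = fingerprint(key_blob(_sample(1, "x")))  # fingerprint recorded before the loss
```

Calling `prune(SAMPLE, {LOST})` returns the rewritten file text and the removed lines; keeping a list of fingerprints alongside the backups is what makes this possible after the private key is gone.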