[SOLVED] How do you keep GnuPG Keys safe?

[jpmelos]

I assume everyone keeps their keys somewhere safe, in case they had to fresh-install their operational system, or something unusual happened.

Point is, how do you keep your keys safe?

I had to fresh-install my Ubuntu and (didn't know exactly how PGP worked) didn't backup my keys, so I had to make a new pair. Now I want to back it up. I find keeping it on my pen drive, iPOD or something like that too insecure. What if I forget them at the college lab? Or at work? Where (or how) could I store my keys with maximum security?

P.S.: I wish sci-fi underskin nanodrives were real now! Haha!

[kevdog]

There is no formula for this -- you need to guard your gnupg keys and then protect them with a very difficult password.

[Dr Small]

I store my GPG keys on my server, because I actually use the keys to encrypt/decrypt stuff on the server, but it's there for a backup too. A thumb drive/floppy disk would work for me, since I keep careful track of my things.

[teddks]

They're on an encrypted flash drive duct-tapped to my torso at all times.

[Kinstonian]

Key management always poses challenges regardless of the type of encryption used. You should definitely do what kevdog suggested and use a strong passphrase. If you want more, you could use steganography, and/or keep it on an encrypted TrueCrypt container.

[tubbygweilo]

I use Truecrypt protected containers on several differing machines with some machines not even having Truecrypt installed. I also have them Truecrypt protected within the home private directory and on dvds dotted about the place.

[jpmelos]

Oh, well, OK then. It's not that I don't keep track of my things. I've never lost a pen drive. But things happen... Thanks, people.

[insane_alien]

i have a backup of my keys on a usb pen in a safe thats bolted to the floor. the passphrases are in my head.