
My GnuPG Locality Problem

I ran into a problem. I need to have GnuPG wherever I am, mainly due to the fact that I need to digitally sign my email wherever I go. I need my GPG key with me.

However, I do not want to install my GPG key on every PC I work on (work, school, etc.). I don't want to carry my GPG key with me on my USB thumb drive. If I lose that, I'm hosed. Talk about compromising my security. I can generate revocation certs if I lose the key, or if it gets compromised, but I want to avoid that as much as possible. I could also generate another key, but again, if one gets compromised or lost, I need to generate a revocation cert, and I just don't want to do that.

Also, I want to make this as easy as possible. I could SSH into the box containing my key, write my email, sign it with my private key, then SCP the signed text to my physical location, but that's just a pain, and very inconvenient. There has to be an easier way. I would like to use Enigmail in Thunderbird, and KGpg if at all possible.

So, I have a problem. I need to have the ability to use my GPG key safely and securely, regardless of where I am physically located, but I need to be smart about it. I have come up with a solution, and I think it's rather ingenious. But, before I go into what I did to have my key with me, I'm curious what you would do. So, here's the problem for the day:

What would you do to be able to use GPG wherever you are? Comment below.

I'll post my solution tomorrow.
