Hi there,

I've been using gpg on a basic level for some time now (signing commits, mails, using pass[1]) on different computers and phones, and have never cared much for tweaking as it seemed unnecessary. Now I've seen here and there that it would make more sense for me to use subkeys for devices, so that they all refer to the same identity (me). Reading this, it felt like the good, logical thing to do. Yet, after checking some existing threads of this mailing list through the archive system, it seems that if the subkey subject is brought up, the usual response is "just stick to gpg defaults and that's it". However, these threads usually involve a person that has a single device and looks for better security for this one device.

Now in the case of multiple devices, not using subkeys would mean creating different keypairs, and different identities, which doesn't sound nice, right?

[1] https://www.passwordstore.org/

Hi, Luke.

My personal experience is that a hardware device such as an OpenPGP card or Yubikey is the easiest way to share the same private key across multiple devices (assuming you have physical access, see below). You designate one machine your master, where you store your original key material on disk as normal (this would typically be your "most secure" machine), and then copy your key (including any subkeys) to the hardware device for use on your other machines.

To copy key material to a hardware device without deleting the master copy from disk, use the `keytocard` command of `gpg --edit-key`, but DO NOT SAVE, make sure instead to `quit` without saving. You may want to keep a backup of your .gnupg directory just in case.

On your other machine, first get a copy of your public key (by whatever means: email, scp, keyservers...). Then plug in the hardware device and incant `gpg --card-status`. It should automatically associate the private key on your card/yubikey with your public key, and you're good to go.

You can use the same card on as many machines as you like, or you can make multiple cards. Using a tamper-proof hardware device like this also ensures that you don't accidentally leave private key material somewhere you shouldn't (you should use a secure passphrase of course, but belt and braces never hurts).

If you need to use gpg on a remote machine without physical access, it may be worth looking into agent forwarding. The UX is a little less mature than cards but I've got it successfully working on a couple of machines. Where agent forwarding tends to go wrong is if you use the same machine both via the physical terminal and remotely - switching easily between these modes remains a work in progress.

A

--
Andrew Gallagher

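An added example, not part of the original post: a check that reads `gpg --list-secret-keys --with-colons` output and reports whether each secret key is on disk or on a card, useful on the master after the `keytocard` step and on the other machine after `gpg --card-status`. The function names and the sample listings (key IDs, user ID, card serial) are constructed for illustration.

```shell
#!/bin/sh
# Field 15 of a sec/ssb record in `gpg --with-colons` output (GnuPG doc/DETAILS):
#   "+" = secret key available on disk, "#" = stub without secret key,
#   otherwise the serial number of the card that holds the key.

# where_keys: colon listing on stdin -> "record keyid capabilities location"
where_keys() {
    awk -F: '$1 == "sec" || $1 == "ssb" {
        loc = $15
        if (loc == "+")      w = "disk"
        else if (loc == "#") w = "missing"
        else if (loc == "")  w = "unknown"
        else                 w = "card:" loc
        print $1, $5, $12, w
    }'
}

# master_intact: succeeds only if every secret key is still on disk.
master_intact() {
    where_keys | awk '{ n++ } $4 != "disk" { bad++ }
                      END { exit !(n > 0 && bad == 0) }'
}

# card_only: succeeds only if every secret key is held on a card.
card_only() {
    where_keys | awk '{ n++ } $4 !~ /^card:/ { bad++ }
                      END { exit !(n > 0 && bad == 0) }'
}

# Constructed samples (key IDs, user ID and card serial are made up).
MASTER_SAMPLE='sec:u:4096:1:1111111111111111:1613685316:::u:::scESC:::+:::23::0:
uid:u::::1613685316::0000000000000000000000000000000000000000::Example User <user@example.org>::::::::::0:
ssb:u:4096:1:2222222222222222:1613685316::::::e:::+:::23:
ssb:u:4096:1:3333333333333333:1613685316::::::s:::+:::23:'
CARD_SAMPLE='sec:u:4096:1:1111111111111111:1613685316:::u:::scESC:::D2760001240102010006000000010000:::23::0:
ssb:u:4096:1:2222222222222222:1613685316::::::e:::D2760001240102010006000000010000:::23:
ssb:u:4096:1:3333333333333333:1613685316::::::s:::D2760001240102010006000000010000:::23:'

# Real use: gpg --list-secret-keys --with-colons | master_intact
if printf '%s\n' "$MASTER_SAMPLE" | master_intact; then
    echo "master: all secret keys on disk"
fi
if printf '%s\n' "$CARD_SAMPLE" | card_only; then
    echo "second machine: all secret keys on card"
fi
```
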
On Thursday, 18 February 2021 22:35:16 CET Luke via Gnupg-users wrote:
> Now in the case of multiple devices, not using subkeys would mean
> creating different keypairs, and different identities, which doesn't
> sound nice, right?

I think Andrew's suggestion to use a hardware token is good advice. I'm using an OpenPGP token with three subkeys (sign, encrypt, authenticate). The main key stays on one device, preferably offline.

Back to your question. I don't think using different subkeys for different devices makes much sense.

For encryption subkeys it makes no sense at all because almost all existing applications will encrypt only to a single subkey (typically the most recently created one). This means that only one of your devices will be able to decrypt something encrypted to you.

For signing subkeys it makes little sense. Yes, it would allow you to replace the device-specific signing subkey in case the device is compromised. But I don't see an advantage over simply replacing a common signing subkey in case of a compromise. (Okay, one advantage would be that the replacement subkey only needs to be deployed on one device.) Using a hardware token is much better because it protects against compromise in the first place.

For authentication subkeys it makes sense (unless you use a hard token) because this allows you for example to control which devices can ssh to which machines. But you could also use plain ssh keys for this.

Regards,
Ingo