undefined | Better HN

0 pointsINTPenis3y ago0 comments

>just last week I had to enter the admin GPG code for the first time in years, and I forgot it initially

Now this is scary.

I'm going to reveal some of my opsec but my password manager (pass(1)) does have yubikeys registered but it also accepts my GPG key. So even if I lose my yubikeys I can still unlock all the passwords, otp codes and everything I have in there.

I just can't feel comfortable with any other solution than my head being the final master key.

0 comments

krzyk3y ago

I use pass also but only with GPG and I feel a bit uncomfortable that I don't know anything about GPG, I don't remember if I set a password there or how to move it to another computer for backup or sync of the stored data in pass.

INTPenisOP3y ago

Yeah gpg is a big hurdle. My suggestion is to learn about subkeys. Create subkeys for everything you want to do.

That way you have one main key that can revoke subkeys, subkeys do everything like access to files, emails, passwords.

j / k navigate · click thread line to collapse