mirror of
https://github.com/drduh/YubiKey-Guide.git
synced 2024-10-31 20:18:55 +00:00
mention KO attacks
This commit is contained in:
parent
ad340b5f18
commit
b476dc37b5
@ -1183,6 +1183,8 @@ Once keys are moved to YubiKey, they cannot be moved again! Create an **encrypte
|
|||||||
|
|
||||||
As an additional backup measure, consider using a [paper copy](https://www.jabberwocky.com/software/paperkey/) of the keys. The [Linux Kernel Maintainer PGP Guide](https://www.kernel.org/doc/html/latest/process/maintainer-pgp-guide.html#back-up-your-master-key-for-disaster-recovery) points out that such printouts *are still password-protected*. It recommends to *write the password on the paper*, since it will be unlikely that you remember the original key password that was used when the paper backup was created. Obviously, you need a really good place to keep such a printout.
|
As an additional backup measure, consider using a [paper copy](https://www.jabberwocky.com/software/paperkey/) of the keys. The [Linux Kernel Maintainer PGP Guide](https://www.kernel.org/doc/html/latest/process/maintainer-pgp-guide.html#back-up-your-master-key-for-disaster-recovery) points out that such printouts *are still password-protected*. It recommends to *write the password on the paper*, since it will be unlikely that you remember the original key password that was used when the paper backup was created. Obviously, you need a really good place to keep such a printout.
|
||||||
|
|
||||||
|
It is strongly recommended to keep even encrypted OpenPGP private key material offline to deter [key overwriting attacks](https://www.kopenpgp.com/), for example.
|
||||||
|
|
||||||
**Linux**
|
**Linux**
|
||||||
|
|
||||||
Attach another external storage device and check its label:
|
Attach another external storage device and check its label:
|
||||||
|
Loading…
Reference in New Issue
Block a user