
To back up the passwords, a copy of ~/.password-store/ is enough, but to completely recover, a backup of the gpg keys is also required. What's your strategy for this? Do you just back up the entire ~/.gnupg/ directory?


Hardware Yubikeys (2 for daily use, one as backup) with a paperkey backup.

If my main key breaks, I can switch to the backup key, which gives me a buffer to set up a new key from my backup.

The ArchWiki has a decent guide: https://wiki.archlinux.org/index.php/Paperkey


I use passphrase2pgp[1] so I can recreate my GPG key anywhere. I need to remember three pieces of information:

- passphrase (long sentence, but it's easy to remember)
- uid (Name <email> - easy)
- timestamp (10 digits - kinda hard to memorize but you can have it noted in plain text since it's not sensitive information)

[1]: https://github.com/skeeto/passphrase2pgp


I have my key on multiple devices (e.g. my phone where I use the Password Store app). Then I have backups of the key as .asc on USB drives as well as printed on paper at two different physical locations.



