Iustin Pop <iustin@debian.org> wrote on 01/04/2024 at 12:29:59+0200: > On 2024-03-31 22:23:10, Arto Jantunen wrote: >> Didier 'OdyX' Raboud <odyx@debian.org> writes: >> >> > Le dimanche, 31 mars 2024, 14.37:08 h CEST Pierre-Elliott Bécue a écrit : >> >> I would object against creating a PGP key on the HSM itself. Not having >> >> the proper control on the key is room for disaster as soon as you lose >> >> it or it dies. >> > >> > For subkeys, isn't that a benefit rather than a disadvantage? >> > >> > You lose the key, or it gets destroyed / unusable; good, you get a new subkey >> > instead of reusing the existing one on a different HSM. >> >> For the authentication and signing subkeys this is indeed true. For the >> encryption subkey significantly less so (as things encrypted against >> that key then become impossible to decrypt). >> >> Personally I have generated the signing and authentication subkeys on >> the HSM itself (and thus at least in theory they cannot leave the HSM), >> and the encryption subkey I have generated on an airgapped system and >> stored on the HSM after making a couple of backups. > > I am really confused now on how all this works. How can you generate > parts of a key (i.e. subkeys) on the HSM (well, yubikey), and the other > parts locally? If you have a master key on your laptop, when a yubikey is in, while running gpg --edit-key your_main_key, you can use the "addcardkey" to create a subkey on the Yubikey directly. -- PEB
Attachment:
signature.asc
Description: PGP signature