Backup your private key
We're going to export your
private key and store it on your
private USB and then we're going to make a paper backup.
cd into your
private USB, most likely located at
sudo gpg2 --export-secret-key -a 2F95015B >> 2F95015B-private.asc replacing
2F95015B in the 2 spots, with
[email protected]:/~$ cd /media/PRIVATE [email protected]:/media/PRIVATE$ sudo gpg2 --export-secret-key -a 2F95015B >> 2F95015B-private.asc
ls the contents of the directory to ensure it's exported it. Your
revocation certificate should be there
[email protected]:~/media/PRIVATE$ ls 2F95015B-private.asc 2F9501B-revoke.asc
paperkey is a similar process. We use a little UNIX feature
| the pipe operator, to pipe the output of
the first function into the second function,
paperkey in this case, then we use
>> to save the output of
to a file called
2F95015B-paperkey.txt, make sure to substitute your fingerprint.
[email protected]:/media/PRIVATE$ sudo gpg2 --export-secret-key 2F95015B | paperkey >> 2F95015B-paperkey.txt [sudo] password for amnesia:
After that's made, you can
ls the directory to ensure it's been created. Now you'll need to print the
file. Open up the GUI file explorer, locate the file, and open it with
gedit. Then print it.
[email protected]:/media/PRIVATE$ ls 2F95015B-paperkey.txt 2F95015B-private.asc 2F9501B-revoke.asc
Store your printed copy in a plastic envelope, as it's likely a few pages.
While you're here you can take the option to print out your
revocation certificate and if you want, the
ascii amoured version
private key too. As these are in
ascii you will need to manually type them up in order to use them.