Let’s say I setup my work-email to run split-gpg and reach my work-related gpg key on my vault qube. So, I assume my work-email qube will only reach my work-related gpg key, and not my other, anonymous identity gpg keys. Can a malicious program in work-email, like an infected thunderbird or something, be made to reach my other keys as well on the vault qube? If so, does that mean that one should create more than one vault backends for split-gpg use, depending on the number of identites one wants to segregate?
I think so
Understood.
- Is this also the same for split-ssh setups? That is, the user should segregate his ssh keys in categories as he sees fit, as in, work-ssh, anon-ssh, community-ssh, each holding ssh keys that constitute a specific scope of his online activities (that is, the anonymous online activity specific ssh keys are on anon-ssh, and the activities that are tied to his real world identity are on work-ssh, etc.)
- Can you also take a look at this question of mine on this topic: Split SSH - #8 by tanky0u