What is split-gpg and how is unman using it?

Sorry for this dumbass question, I tried to read the docs but I just don't get it.
Maybe someone here could explain how split-gpg works in pidgin.
If I got it correctly, unman has 1 GPG key and 2 sub GPG keys, right? Like 1 for e-mail and 1 for his templates, code, …

I have a number of different PGP keys, used for different purposes -
some for use in Qubes: mail, Qubes signing, doc signing - some outwith Qubes.

For almost all of my keys, I use them with subkeys: the advantage of
this is that the secret key is stored separately from the “working”
keys. You can keep the secret key in a Qubes vault or, (better), in
secure storage separate from your Qubes system.

split-gpg is different.
I’ll try to explain the docs in simple terms.

Most people have gpg installed on the system where they want to use it.
Carrying that over to Qubes would mean having PGP keys set up in your
mail qube, or work qube, or wherever they are needed.
The risk here is that if the mail domain is compromised, the attacker
can steal your keys because they are right there.

Using split-gpg mitigates this risk.
Keys are stored in a separate qube (mail-gpg). When you want to
decrypt an email in your mail qube, the work is handed off to mail-gpg.
The process is controlled by a policy file: you should be prompted when
the mail qube wants to use the back end mail-gpg. For convenience access
is allowed for 5 minutes (by default) so you don’t have to keep responding
to prompts - if you want to you can make this time longer or shorter.

If an attacker gains access to ‘mail’ they cannot simply steal your keys
because they are not there in the qube to steal.

You can have multiple “backend” qubes holding different keys, as you
need them, available to different qubes, all controlled by your custom

I hope that’s relatively clear.

I never presume to speak for the Qubes team. When I comment in the Forum or in the mailing lists I speak for myself.
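
As an added illustration of the policy mechanism unman describes above (example code written for this thread, not from the original post or from the Qubes project): a small POSIX shell script that writes a sample qubes.Gpg policy into a temporary directory and resolves a (source qube, backend qube) pair the way qrexec does, first matching line wins. The temporary directory is a stand-in for dom0's /etc/qubes-rpc/policy/ (Qubes 4.0 policy format, with `$anyvm` as the wildcard); the qube names are constructed; the prompt timeout is the QUBES_GPG_AUTOACCEPT variable (seconds, 300 by default) set in the backend qube's ~/.profile.

```shell
#!/bin/sh
# Added example, not the Qubes project's own code: models how the qubes.Gpg
# qrexec policy is resolved. Everything lives in a temp dir; nothing touches dom0.
set -eu

WORK=$(mktemp -d)
POLICY="$WORK/qubes.Gpg"     # stand-in for /etc/qubes-rpc/policy/qubes.Gpg (dom0)
PROFILE="$WORK/profile"      # stand-in for ~/.profile in the backend qube (mail-gpg)

# Constructed sample policy. Format: "<source> <destination> <action[,options]>",
# evaluated top to bottom; the first matching line decides.
write_sample_policy() {
    cat > "$1" <<'EOF'
# frontend   backend    action
mail         mail-gpg   allow
work         work-gpg   ask,default_target=work-gpg
$anyvm       $anyvm     deny
EOF
}

# policy_decision FILE SRC DST -> prints allow|ask|deny of the first matching
# line; prints "deny" when no line matches (qrexec's default for an unmatched call).
policy_decision() {
    file=$1; src=$2; dst=$3
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in ''|'#'*) continue ;; esac   # skip blanks and comments
        set -- $line                               # split into fields
        [ $# -ge 3 ] || continue                   # malformed line: ignore
        psrc=$1; pdst=$2; act=${3%%,*}             # drop ",option=..." suffix
        if { [ "$psrc" = '$anyvm' ] || [ "$psrc" = "$src" ]; } && \
           { [ "$pdst" = '$anyvm' ] || [ "$pdst" = "$dst" ]; }; then
            echo "$act"
            return 0
        fi
    done < "$file"
    echo deny
}

# write_autoaccept FILE SECONDS -> appends the backend-side setting that keeps a
# confirmed "ask" decision valid for SECONDS (default in split-gpg is 300 = 5 min).
write_autoaccept() {
    printf 'export QUBES_GPG_AUTOACCEPT=%s\n' "$2" >> "$1"
}

write_sample_policy "$POLICY"
write_autoaccept "$PROFILE" 600        # lengthen the window to 10 minutes

for src in mail work untrusted; do
    printf '%s -> mail-gpg: %s\n' "$src" "$(policy_decision "$POLICY" "$src" mail-gpg)"
done
printf 'backend profile: '; cat "$PROFILE"

# In the real frontend qube the call is made by qubes-gpg-client-wrapper with
# QUBES_GPG_DOMAIN=mail-gpg exported; the secret key never leaves mail-gpg,
# only the gpg operation's output comes back.
rm -rf "$WORK"
```

Running it prints `allow` for mail, `deny` for work (its line names work-gpg, not mail-gpg, so the catch-all applies) and `deny` for untrusted; the point is that an attacker in `mail` can only ever request operations the policy permits, and only against the backend named there.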

Oh, thanks for your explanation, but I guess I knew this already.
The question for me would be, as far as I understood, you are using split-gpg because you have 1 main GPG key and then a sub one for every need?
Or, question vice versa:
Why would we want to split our GPGs? Where's the difference to a "normal" GPG key?
For me, I'm using ProtonMail and thinking of getting split-gpg, but I haven't really got the point of it anyhow.
And the other point where I want to use split-gpg would also be for my coding projects.
And then my guess yesterday was, maybe I could use it as an .ssh private key? So I could reach my server passwordless. Or is the SSH agent from your task manager for this thought?

Split GPG and subkeys are orthogonal. You can use Split GPG without subkeys, and you can use subkeys without Split GPG. You can also use both together, but you don’t have to. Split GPG is unique to Qubes. Subkeys are not.

See this section.