this post was submitted on 27 Jun 2023
4 points (100.0% liked)

Free and Open Source Software

17943 readers
29 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

How do you manage GPG / PGP Keys on android and Linux, and why?

all 7 comments
sorted by: hot top controversial new old
[–] digger@latte.isnot.coffee 6 points 1 year ago

OpenKeychain is great for keys on Android. It's FOSS and available on FDroid. +1 for using a self hosted Nextcloud instance to keep things in sync.

[–] MaienM@sopuli.xyz 3 points 1 year ago

I keep my keys on a Yubikey. I've not really had a need to use the GPG portion of this on Android, but it works fine on Linux and MacOS.

I used this guide: https://github.com/drduh/YubiKey-Guide

[–] animist@lemmy.one 1 points 1 year ago (1 children)

keep them in my NC and just import them to thunderbird

[–] privsecfoss@feddit.dk 2 points 1 year ago (1 children)

Sounds like a good idea, and was considering it. But curious if there is other or better ways.

[–] animist@lemmy.one 1 points 1 year ago

If they don't need to be accessed often you could also put them in an encrypted folder or file using veracrypt

[–] TheTrueLinuxDev@beehaw.org 1 points 1 year ago* (last edited 1 year ago)

That's an interesting dilemma when you bring up Android. I have always considered android device as a hardware compromised device and that it shouldn't be used for highly confidential data to an extent that you might be using PGP/GPG for.

But you could have all of your PGP/GPG centrally managed on a Linux system with android device having it's own unique keypair that is signed by your root PGP/GPG keypair on your Linux system. As for software for managing GPG/PGP on Linux system, I just simply use KGPG which does the job plenty well. If you have to use PGP/GPG on Android Phone, then I recommend sticking with f-droid repository for PGP/GPG key management app, not Google Play Store.

OpenKeychain Source Code

OpenKeychain Package on F-droid

Few use-cases for GPG/PGP on android is encrypting email or chat, but application integration is limited to select few software like K-9 Mail or Conversations.

--Edited to add--

Why the heck did server spam duplicates of my comments? :(