Securing your keychain and public keys

Spork's Avatar


14 Mar, 2012 11:24 PM


I'm kind of new to GPG and had a question regarding Keychain access. I'm wondering if there's any way to encrypt or secure the public keys in my keychain; essentially, prevent the use of the keychain without a passphrase or encryption key.

Obviously in order to decrypt a message the passphrase for my secret key is required, but if someone were to boot my machine and fire up my keychain, they would see a complete list of the public keys I have imported. What are people's approaches for preventing this?



  1. Support Staff 1 Posted by Luke Le on 14 Mar, 2012 11:27 PM

    Luke Le's Avatar

    Hi Spork,

    I'm not sure if your issue is in fact an issue. Public keys are supposed to be uploaded to keyserver for easier distribution.
    But if you really don't want to have them on your computer you could copy your .gnupg/pubring.gpg file to a thumb drive and create a symlink to it in your .gnupg folder.
    That way if anyone got physical access to your computer, they still wouldn't have access to your public keys.

  2. 2 Posted by Spork on 14 Mar, 2012 11:30 PM

    Spork's Avatar

    Yes, it's not exactly an "issue" per se, I realise it's an edge case. Was just wondering if anybody had any ideas for how one might go about it.

    The USB drive is a good idea, thanks Luke.

  3. Support Staff 3 Posted by Luke Le on 14 Mar, 2012 11:35 PM

    Luke Le's Avatar

    You can also do the same with your secring.gpg or even the entire .gnupg folder.
    We haven't tested this a lot, but let us know how it works for you, so we can
    add further support if it doesn't.

    Closing this discussion for now.
    Feel free to re-open or create a new discussion if you have any further questions :)

  4. Luke Le closed this discussion on 14 Mar, 2012 11:37 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac