McAfee MEJCAE-AM-DA Product Guide - Page 24
Working with public and private keyrings, Changing the location or names of your keyrings, Unix
View all McAfee MEJCAE-AM-DA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 24 highlights
Creating and Exchanging Keys Working with public and private keyrings memory. It should not be something that you have repeated to others recently, nor a famous quotation, because you want it to be hard for a sophisticated attacker to guess. If it's already deeply embedded in your long-term memory, you probably won't forget it. Of course, if you are reckless enough to write your passphrase down and tape it to your monitor or to the inside of your desk drawer, it won't matter what you choose. Working with public and private keyrings Your keys are stored in two files, called the public and private keyrings: • secring.skr contains the private portion of your key pair. To protect it, E-Business Server stores the key encrypted to your passphrase. • pubring.pkr contains your public key. You can add to the keyring the public keys of everyone with whom you exchange messages. The keyrings contain binary information, and thus you can't view or manipulate their contents directly. All operations on your keyrings actually apply to both keyrings at once. E-Business Server cannot open just the private keyring or just the public keyring. To learn how to view keys on a keyring, see Viewing your keys on page 28. Changing the location or names of your keyrings By default, E-Business Server looks for the files pubring.pkr and secring.skr. If you choose to rename your keyrings, you must specify the keyrings' names in E-Business Server's configuration file (using the PUBRING and SECRING parameters). Unix • The default path for pubring.pkr is /.pgp/pubring.pkr • The default path for secring.skr is /.pgp/secring.skr Windows NT • The default path for pubring.pkr is \Personal\pgp\pubring.pkr • The default path for secring.skr is \Personal\pgp\secring.skr Windows 2000 • The default path for pubring.pkr is \My Documents\pgp\pubring.pkr • The default path for secring.skr is \My Documents\pgp\secring.skr You can copy your keyring files to another location on your hard drive or to a floppy disk. By default, the keyrings are stored along with the other program files in the directory identified by the PGPPATH environment variable, but you can save backups in any location you like. For more information, see PGPPATH on page 12. Backing up your keys Note: Keys generated on a smart card cannot be backed up because the private portion of your keypair is non-exportable. E-Business Server does not automatically back up your keyrings. Once you have generated a key pair, it is wise to put a copy of it in a safe place in case something happens to the original. Copy your keyring files as you would any other file. Your private and public keys are stored in separate keyring files. You can copy them to another location on your hard drive or to a floppy disk. You can save your backups in any location you like. For more information on the default keyring locations, see Changing the location or names of your keyrings on page 22. E-Business Server™ 8.6 Product Guide 22