I have a desktop computer, a Librem laptop, and eventually a phone and/or tablet... and with the current state of the Linux desktop, it's a big pain in the ass to use and manage GPG for a very simple reason: I can't easily keep my devices in sync over my private network (LAN).
I want to keep my private keys in sync (without //ever// risking data loss on that front) and also the public keys of others that I have imported.
I don't want to use public keyservers.
I prefer not to depend on a hardware smartcard.
I basically want the equivalent of Nextcloud CalDAV/CardDAV for GPG, but peer-to-peer (not requiring a central "server" to be set up).
It is possible that just synchronizing the ~/.gnupg/ folder across the computers over SSH/SFTP with [[ http://www.cis.upenn.edu/~bcpierce/unison/ | Unison ]] might work, but I'm not tech savvy enough to know for sure. Will it work fine, or will it conflict/corrupt itself? Will it get interference from, for example, "gpg-agent", the process that is running in a GNOME session? Are GUI tools like Seahorse and KGpg etc. using inotify or some other mechanism to refresh themselves and prevent overwriting changes?
Are there other sync tools that would be better suited for this? Or tools specific to GPG? Or something we should co-develop? When searching for "unison sync gpg" I found [[ https://github.com/firstlookmedia/gpgsync | GPG sync ]] for example, but I have no idea if it's any good or if it can fit the "home user" P2P use case.
Ideally we should provide a tool and method and "best practices" for users to solve this particular problem. And we should be making sure that GUI key management tools like Seahorse are properly maintained and bug-free (not the case in recent years).