
Ask HN: How am I “supposed to” manage GPG key loss or compromise? - nateberkopec
I maintain a popular software package. I sign all of my commits with a GPG key, and may start signing releases soon.

I am also travelling frequently. I'm concerned about a few scenarios:

a) Loss of my private key. My private key lives on a Yubikey, which could simply get lost at some point.

b) The key is compromised. A border agent, for example, asks for my Yubikey and puts it into their computer (yes I have a PIN, but they can demand that as well).

My question is what I am "supposed to" do in these scenarios. All the advice on the internet says to use just one private key, and not to have multiple. However, I'm just not sure how I can assure the users of my software that, if I lose my key or it is compromised, I can create a "new" key which is actually still me.

What am I supposed to do here? One added complication is that my private key is a Yubikey and I can't move it off of that physical hardware to another location or even copy it and back it up somewhere.
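The two procedures the question is really about can be rehearsed before they are needed. The script below is an added example, not part of the thread or of any answer in it: in a throwaway keyring it pre-generates a revocation certificate for a key (the answer to a lost token: publish it and the old key is marked revoked everywhere it is fetched from), and it clear-signs a key transition statement with both the old and the new key (the answer to "how do users know the new key is still me": anyone holding the old public key can verify the link). It assumes GnuPG 2.1 or later on the PATH; the user ids, file names and statement text are constructed, and the keys are unprotected throwaway keys rather than anything resembling a real Yubikey-resident key.

```shell
#!/bin/sh
# Added example, not from the thread: rehearse two OpenPGP procedures inside a
# throwaway keyring.
#   1. Key loss     -> a revocation certificate generated while the key was
#                      still in hand, kept off the token; importing/publishing
#                      it marks the old key revoked.
#   2. Key rollover -> a transition statement clear-signed with BOTH the old
#                      and the new key, giving a verifiable link between them.
# Assumes GnuPG 2.1+. User ids below are constructed test values; the keys are
# unprotected throwaway keys, not how a real key should be generated.
set -eu

GNUPGHOME=$(mktemp -d)
export GNUPGHOME
trap 'gpgconf --kill gpg-agent 2>/dev/null; rm -rf "$GNUPGHOME"' EXIT

# gen_key USERID -> prints the primary key fingerprint
gen_key() {
  gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
      --quick-generate-key "$1" default default 0 >/dev/null 2>&1
  gpg --batch --with-colons --list-keys "$1" \
    | awk -F: '$1 == "fpr" { print $10; exit }'
}

# key_validity FPR -> validity field of the pub record ("r" once revoked)
key_validity() {
  gpg --batch --with-colons --list-keys "$1" \
    | awk -F: '$1 == "pub" { print $2; exit }'
}

# sign_transition OLDFPR NEWFPR OUTFILE -> clear-sign a statement with both keys
sign_transition() {
  cat > "$GNUPGHOME/transition.txt" <<EOF
Key transition statement (constructed example text)

I am moving from the OpenPGP key $1
to the new OpenPGP key $2.
This statement is signed with both keys; please update your keyring.
EOF
  gpg --batch --yes --local-user "$1" --local-user "$2" \
      --clearsign --output "$3" "$GNUPGHOME/transition.txt" 2>/dev/null
}

# count_good_sigs FILE -> number of GOODSIG status lines produced on verify.
# A signature made by a key that is now revoked is reported as REVKEYSIG
# instead, so it no longer counts here.
count_good_sigs() {
  gpg --batch --status-fd 1 --verify "$1" 2>/dev/null \
    | grep -c '^\[GNUPG:\] GOODSIG ' || true
}

# activate_revocation FPR -> import the pre-generated revocation certificate.
# GnuPG 2.1+ stores one per new key in openpgp-revocs.d/<FPR>.rev with a ':'
# in front of the armour header so it cannot be imported by accident; the sed
# removes that guard. In real use this file lives on offline media.
activate_revocation() {
  sed 's/^:-----BEGIN/-----BEGIN/' "$GNUPGHOME/openpgp-revocs.d/$1.rev" \
    > "$GNUPGHOME/revoke-$1.asc"
  gpg --batch --quiet --import "$GNUPGHOME/revoke-$1.asc" 2>/dev/null
}

OLD=$(gen_key "Maintainer (old key) <maintainer-old@example.test>")
NEW=$(gen_key "Maintainer (new key) <maintainer-new@example.test>")

# Sign the transition statement while the old key is still usable.
sign_transition "$OLD" "$NEW" "$GNUPGHOME/transition.txt.asc"
GOOD_SIGS=$(count_good_sigs "$GNUPGHOME/transition.txt.asc")

# Then revoke the old key, as one would after loss or compromise.
activate_revocation "$OLD"
OLD_VALIDITY=$(key_validity "$OLD")
GOOD_AFTER=$(count_good_sigs "$GNUPGHOME/transition.txt.asc")

echo "good signatures on transition statement: $GOOD_SIGS (expect 2)"
echo "old key validity after revocation: $OLD_VALIDITY (expect r)"
echo "good signatures after revoking the old key: $GOOD_AFTER (expect 1)"
```

The order matters: the statement is signed before the old key is revoked, because GnuPG will not sign with a revoked key and, once the revocation is imported, the old key's signature on the statement verifies as REVKEYSIG rather than GOODSIG. For a key that only ever lived on a token, the revocation certificate has to be produced (or the auto-generated `.rev` file kept) while the key is still available, which is the caveat behind scenario (a) in the question.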
======
LinuxBender
There was some discussion here [1] that may be relevant. There is also some
relevant discussion on stackexchange [2]

[1] - https://news.ycombinator.com/item?id=15533878

[2] - https://security.stackexchange.com/questions/199863/correct-way-to-replace-a-gpg-key

