How do I back up and restore Passwords and Keys?

Solution 1:

Keyring data is stored in several places:

  • "Passwords" (GNOME Keyring data) are stored in ~/.local/share/keyrings

  • "Secure Shell" data (SSH keys) are stored in ~/.ssh

  • "PGP Keys" (including GPG keys) are stored in ~/.gnupg

    • Note that copying the whole .gnupg folder copies your trust data as well, so this is probably preferable to doing an import/export through the "Passwords and Keys" interface.

You will need to back up and restore each of these folders. Preferably don't use a flash drive to do this (see note below). When restoring the folders, make sure the permissions are set correctly (see note below).

Note on flash drives

You should avoid using a flash drive to store/transfer keys, even temporarily, since deleted data is easily recoverable from a flash drive unless you take precautions, like encrypting the drive. If you have a network connection, transfer over ssh would be both convenient and secure.

Note on permissions

When you restore the folders, they need the correct ownership permissions, which you can apply as follows:

chown --recursive USERNAME:USERNAME ~/.ssh
chmod 755 ~/.ssh
chmod 644 ~/.ssh/known_hosts
chmod 644 ~/.ssh/authorized_keys
chmod 600 ~/.ssh/config
chmod 600 ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa.pub
# repeat the last two for other public/private pairs
# you may need to "service ssh restart" after changing these values

chown --recursive USERNAME:USERNAME ~/.gnupg
chmod 700 ~/.gnupg
chmod 600 ~/.gnupg/*
# for any subfolders, you need to apply 700 to the folder
# and 600 to the files in that subfolder:
# chmod 700 ~/.gnupg/subfolder
# chmod 600 ~/.gnupg/subfolder/*

References:

  • Permissions on private key in .ssh folder? (Super User)
  • Fixing “WARNING: UNPROTECTED PRIVATE KEY FILE!” on GNU/Linux (How-To Geek)
  • ssh returns "Bad owner or permissions on ~/.ssh/config" (Server Fault)
  • What are the correct permissions for the .gnupg enclosing folder? gpg: WARNING: unsafe enclosing directory permissions on configuration file (Super User)
  • Notation of traditional Unix permissions, especially "Numeric notation" (Wikipedia)
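
The permission scheme from the answer above, extended to every key pair in ~/.ssh and every subfolder of ~/.gnupg. This is an added example, not part of the original answer. The function names fix_key_perms and audit_key_perms are hypothetical, GNU find is assumed, and ownership is left to the chown commands in the answer.

```shell
#!/bin/sh
# Added example: apply the answer's modes to restored ~/.ssh and ~/.gnupg.
# Pass a home directory as $1 (defaults to $HOME).

fix_key_perms() {
    home_dir="${1:-$HOME}"
    ssh_dir="$home_dir/.ssh"
    gpg_dir="$home_dir/.gnupg"

    if [ -d "$ssh_dir" ]; then
        chmod 755 "$ssh_dir"
        for f in "$ssh_dir"/*; do
            [ -L "$f" ] && continue          # never chmod through a symlink
            [ -f "$f" ] || continue          # regular files only
            case "$(basename "$f")" in
                known_hosts|authorized_keys) chmod 644 "$f" ;;
                # config and every key pair (id_rsa, id_rsa.pub, others)
                *) chmod 600 "$f" ;;
            esac
        done
    fi

    if [ -d "$gpg_dir" ]; then
        # 700 on .gnupg and each subfolder, 600 on each file at any depth.
        # Running "chmod 600 ~/.gnupg/*" alone would also hit subfolders
        # and strip their execute bit, so folders and files are split here.
        find "$gpg_dir" -type d -exec chmod 700 {} +
        find "$gpg_dir" -type f -exec chmod 600 {} +
    fi
}

# List paths that are looser than the scheme allows: anything in .ssh that
# group/others can write, anything in .gnupg that group/others can touch
# at all. Prints nothing when the restored folders are set correctly.
audit_key_perms() {
    home_dir="${1:-$HOME}"
    [ -d "$home_dir/.ssh" ] && find "$home_dir/.ssh" -perm /022
    [ -d "$home_dir/.gnupg" ] && find "$home_dir/.gnupg" -perm /077
    return 0
}
```

Run audit_key_perms before and after fix_key_perms to see what a restore left too permissive.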