"Don’t Use a Blank Passphrase on Your Key This is basic security, plus allows you to “safely” move your keys between hosts..."
Then:
"Don’t Copy Your Private Key Around Remember this is your identity... Its never a good idea to copy it from system to system."
So put a passphrase on your private key so you can move it between systems, but also don't ever move it between systems.
Side note: I get annoyed by advice about how one should always always put a passphrase on private keys. It makes unchecked assumptions. The private keys on my laptop are stored on a fully encrypted drive that locks every time the computer sleeps. This laptop has far more sensitive data on it than the remote hosts I access (github and a VPS), which serve virtually all their unique data to the public via the web. I'm fine with a naked private key on this machine.
Do you recognize the threat of malware (such as a random script you download) just copying the private key and shipping it off?
A passphrase defeats that threat. And integrating the ssh agent with something like the gnome keyring means you never even have to remember your passphrase.
I confess, I hadn't thought of that threat. It's an interesting thing to think about.
My initial reaction is this: Couldn't malware on my laptop also monitor my keystrokes when I unlock the key? Or when I log in to my VPS web interface? I mean, if the goal is to have a malware infested computer that is no threat to external systems, it seems like there are tons of other files/apps/system you'd also want to password protect, to the point of making the computer almost impossible to use.
Still, it's an interesting point. SSH keys are more sensitive. I do keep an extra password on my password manager.
I get annoyed by advice about how one should always always put a passphrase on private keys. It makes unchecked assumptions. The private keys on my laptop are stored on a fully encrypted drive that locks every time the computer sleeps.
You're probably not the target audience. If you're savvy enough to make full disk encryption work, then you should already know how to use ssh-agent.
Your setup sounds like something I could want for myself. I have a truecrypt "virtual disk" that I would like to unmount on suspend and mount on resume. Can you elaborate on the details of your encryption setup?
I should revise my phrasing: The computer locks behind an OS X password, the drive, while fully encrypted, remains available as far as the OS is concerned. Something like you describe would be much better.
(An attacker in possession of a sleeping machine could theoretically get the ram, cool it with liquid nitrogen or similar, and try and extract the PGP key. I do at least have FireWire DMA turned off.)
"Don’t Use a Blank Passphrase on Your Key This is basic security, plus allows you to “safely” move your keys between hosts..."
Then:
"Don’t Copy Your Private Key Around Remember this is your identity... Its never a good idea to copy it from system to system."
So put a passphrase on your private key so you can move it between systems, but also don't ever move it between systems.
Side note: I get annoyed by advice about how one should always always put a passphrase on private keys. It makes unchecked assumptions. The private keys on my laptop are stored on a fully encrypted drive that locks every time the computer sleeps. This laptop has far more sensitive data on it than the remote hosts I access (github and a VPS), which serve virtually all their unique data to the public via the web. I'm fine with a naked private key on this machine.