Encrypted store with EncFs for GPG keys

Information is gathered from: here and here.

  1. Preparation
    1. Become a member of the fuse group
      sudo adduser your_username fuse
      newgrp - fuse
    2. Create a directory for the encrypted files (on the remote storage)
    3. Create a mount point (somewhere in home)
  2. Create the encrypted system/Mount the encrypted system
    encfs folder_to_mount mount_point
  3. Use it
  4. Umount
    fusermount -u mount_point
  1. Create signing subkey
    gpg --edit-key 0xFFFFFFFF
    addkey
  2. Backup the key
    gpg --export 0xFFFFFFFF > publickey.gpg
    gog --export-secret-keys > secretkeys.gpg
    gpg --export-secret-subkeys > secretsubkeys.gpg
  3. Set the gnupg environment to the encrypted location
    export GNUPGHOME=mount_point
  4. Unset the gnupg environment
    unset GNUPGHOME
  5. Remove the private key for the master
    gpg --delete-secret-keys 0xFFFFFFFF
  6. Check that the private key is removed
    gpg --edit-key 0xFFFFFFFF
    gpg addkey
    Adding the subkey should fail
  7. Re-import the secret key
    gpg --import secretkey.gpg
  8. Send the key to the keyserver
    gpg --send-key 0xFFFFFFFF