- If I want a different encryption key per device (seems to be the safest option), I have to generate a new keypair for each device right ?
- or I should consider that as the encryption private will rarely be on a given server, the risk of that key being stolen is low so having only one key for encryption is reasonable ?
- As for the signing key I'm still confused on how to proceed...
- should it be managed as a subkey of a device specific keypair ?
- or one single key for all devices ?
- multiple signing keys as subkeys of a separate keypair ?
- What about the passphrase protection ?
Does that make sense ?
Again, thanks for your help !
PS: I also asked that question on the superuser / stack exchange platform: https://superuser.com/questions/1692005/duplicity-gpg-key-encryption-with-multiple-devices