Would it be good to have two nitrokeys? How would you back them up?

Hello… About nitrokeys… It would be good to have two of them if you drop one…
Does anyone of you have it like that? So do you just copy the same keys on both devices then and nothing more? Is it hard to do… Do you have some advice on how to work with two nitrokeys? Maybe just fill the first one and then just clone it? That would be the least amount of work right?
Should work to make an exact copy of one to another, then to manually write the same keys in both for everything.

I need to learn about this key it seems like a good solution for passwords and so on… Thanks!
edit: It’s in linux also…

Hi,
here is a german Articel, that describe exactly what you need: https://www.kuketz-blog.de/gnupg-schluesselerstellung-und-smartcard-transfer-nitrokey-teil2/
Maybe a translator can help you. Or you can write to us if you have specific questions about it.

1 Like

Thanks!

I am very interested in this too, because I wish to have a backup in case of loss…

I don’t know about Nitrokeys, but we use NitroHSM 2 and we basically have 5 of them. We use one for various development purposes, one of them is used as master HSM - we have master key on it and it is stored in a safe and its backup (exported key) is stored in different physical location. Another one is used as intermediary production CA and yet another one is used as (root) CA for testing environment - it is easier to create keys with it (procedure is easier, programaticaly it is identical), but they can’t be used in production of course. And we have one spare unit in case anything bad happens to any of them. I suppose that we should have few more in store in case everything goes down, but managing backups and so one is major PITA and I’m still working on good procedure to do it.

Anyway, I think that same backup mechanism is used for Nitrokey, and procedure is nicely described here:

https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html#toc_6.

Correct me if procedure is absolutely different, but I suppose basics are the same.

1 Like