[TIL] How to backup a GPG key pair

TIL that after generating a GPG key pair, one should always backup the following:

1. key pair itself: gpg -o private.gpg --export-options backup --export-secret-keys my-key
2. revocation certificate: gpg --output revoke.asc --gen-revoke my-key
3. key passphrase: should be stored separately from the above, ideally on a password manager

Always consider carefully your security requirements for decisions regarding redundancy and backup storage location (ideally on offline media).

For more information, please check:

• Daily use of GnuPG - The GNU Privacy Handbook
• Backup and Restore a GPG Key - JWillikers
• Generating a revocation certificate - The GNU Privacy Handbook