I am “sort of” doing the same thing, by just using a local encrypted zip (aes-256) with the password I know, for restoring the keys. The point that I’m trying to make is that I need to keep these user-keys passphrase-less to get around the issue of users forgetting their passphrases. Right now, I have to go to the effort of importing the file into gpg, running passwd
, to remove the passphrase (requiring me to get it from the user, rather than the user giving me the passphrase-less key), and then storing them in the encrypted zip. I then have to retrospectively go through the process in reverse in order to add a passphrase if I wish to recover.
It would be a lot simpler to me if the system could be configured to work with passphrase-less keys. E.g. when the user is given the backup key, and when the key is imported into the system again. By all means put a warning in there, and have this not be the default setting, but I would prefer to rely on my capability to keep the keys safe as an administrator, rather than relying on users remembering passwords/passphrases.
I think I found the escrow post. That would work nicely, as long as the admin key is encrypting a passphrase-less version of the user key, rather than re-encrypting an already encrypted key. The latter would not resolve users forgetting their passphrases. This has already been pointed out in the comments.