by thakoppno 2205 days ago
> an offline backup printed

have you ever tried typing a private key from a piece of paper? once i was in a similar situation and gave up and just drove to the colo.


An elliptic curve key (NaCl etc) is 32 bytes. Here's two such keys for you, as a demo:

    $ entropy 32|zbase32-encode 
    pu3zrux6t6cqrmmyesdxtppxiudxjcndrx3bomjuyaupa61493no
    $ entropy 32|phrase-encode 
    afar-pimple-unwind-imagine-buckets-today-duke-sober-dehydrate-rebel-online-nudged-bamboo-saxophone-eluded-tattoo-pause-bays-ungainly-tasked-jingle-topic-null-enraged

While you're right, I'd recommend against both for the specific use-case. You just added another layer. The extra software needs to be available, maybe it's not developed anymore and won't compile on your system, maybe they changed the alphabet from which the words are generated, ...

OpenSSH private keys are armoured by default, gpg-keys can be exported and imported in an armored format - and everything else can be just printed as hex representation with whatever tool (e.g. `od -Ax <file>` or any other).

z-base-32 isn't going to magically disappear off the face of the earth. Anyway, here's a 32-byte secret key as hex. Still easier to type in than to drive to a data center. GPG is just horribly verbose, and the old school RSA keys are huge in comparison.

    fd3223ec 20f55ae7 6fddc979 d41e2276 25255516 b08f5cd4 3d66d676 a054d2bb

My Google fu has failed me. What is that "phrase-encode" tool and where can I find it?

It's a 50-line CLI I wrote (just like `entropy` on the other line). It's just a simple interface for https://gitlab.com/NebulousLabs/entropy-mnemonics which is one of the many different "encode binary as words" things out there. It's the idea that matters more.
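An added example, not part of the thread and not the commenter's `zbase32-encode` tool: a dependency-free z-base-32 round trip for a 32-byte key, using the published z-base-32 alphabet. The function names and the strict-decoding checks (exact length, alphabet membership, zero padding bits) are choices made for this example.

```python
"""z-base-32 round trip for a 32-byte secret, with strict decoding."""

ALPHABET = "ybndrfg8ejkmcpqxot1uwisza345h769"  # z-base-32 alphabet
INDEX = {c: i for i, c in enumerate(ALPHABET)}


def zb32_encode(data: bytes) -> str:
    """Encode bytes as z-base-32: 5 bits per character, no padding characters."""
    nbits = len(data) * 8
    nchars = -(-nbits // 5)  # ceil(nbits / 5)
    # Left-align the value so the unused low bits of the last character are zero.
    value = int.from_bytes(data, "big") << (nchars * 5 - nbits)
    return "".join(
        ALPHABET[(value >> (5 * (nchars - 1 - i))) & 31] for i in range(nchars)
    )


def zb32_decode(text: str, nbytes: int = 32) -> bytes:
    """Decode a string typed in from paper; reject anything that is not clean."""
    text = "".join(text.split()).lower()  # tolerate spaces, line breaks, caps
    nchars = -(-nbytes * 8 // 5)
    if len(text) != nchars:
        raise ValueError(f"expected {nchars} characters, got {len(text)}")
    value = 0
    for pos, ch in enumerate(text):
        if ch not in INDEX:
            raise ValueError(f"invalid character {ch!r} at position {pos + 1}")
        value = (value << 5) | INDEX[ch]
    # 32 bytes = 256 bits, 52 characters = 260 bits: the last 4 bits must be 0.
    pad = nchars * 5 - nbytes * 8
    if value & ((1 << pad) - 1):
        raise ValueError("non-zero padding bits: last character mistyped")
    return (value >> pad).to_bytes(nbytes, "big")
```

z-base-32 carries no checksum, so a typo that lands on another alphabet character still decodes; comparing a fingerprint or public key derived from the restored secret catches that case.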