Obviously, storing keys in the cloud is the least secure option. I would like to know whether it is best to print them out on paper, or to generate QR codes?
Looking forward to hearing some strategies and best practices.
Or print them out on paper[1][2][3], burn a DVD, write them to a floppy, etc., but only the encrypted version, with a very good passphrase. Don't ever store private keys in plain text.
I put them in my password manager (1Password) as a secure note, and then put its encrypted data file in DropBox. I wish I trusted DropBox a bit more these days (Condoleezza), but I trust 1P's data file encryption, and having that whole password archive cloud-accessible has saved my butt more than once, once for SSH keys.
I also make mine available online, but do it a bit differently.
I have a public dotfiles project on Github. In addition to my dotfiles, it includes a symmetrically encrypted tarfile of a secrets folder that contains keys and other sensitive info.
To recover my keys, I only need access to Github, gpg, and the password for the encrypted tarfile.
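As an added example (not the poster's own scripts), here is one way to do the pack/unpack steps of the scheme described above with POSIX sh and GnuPG: the secrets folder is tarred and symmetrically encrypted with AES-256 and the slowest passphrase-to-key stretching gpg offers, and restoring it needs only the archive, gpg and the passphrase. The folder name `secrets`, the archive name `secrets.tar.gpg`, the `SECRETS_PASSPHRASE` environment variable and the `refuse_plaintext_keys` pre-commit check are assumptions for the example, not anything from the original post.

```shell
#!/bin/sh
# Added example, not the poster's code: symmetrically encrypt a secrets folder
# into an archive that can sit in a public dotfiles repo, plus the restore step.
# Assumed names (not from the post): folder "secrets", archive "secrets.tar.gpg",
# passphrase in $SECRETS_PASSPHRASE (exported by the caller, never committed).
set -eu

# Encrypt a folder into one gpg-symmetric archive: AES-256, iterated+salted S2K
# (mode 3) with the maximum iteration count, SHA-512 as the S2K digest.
# The passphrase is passed on fd 3 (here-doc) so it never appears in `ps`.
pack_secrets() {
    src="${1:-secrets}"
    out="${2:-secrets.tar.gpg}"
    : "${SECRETS_PASSPHRASE:?set SECRETS_PASSPHRASE before packing}"
    # tar relative to the parent dir so the archive never carries absolute paths
    tar -C "$(dirname "$src")" -cf - "$(basename "$src")" |
    gpg --batch --yes --quiet --pinentry-mode loopback --passphrase-fd 3 \
        --symmetric --cipher-algo AES256 \
        --s2k-mode 3 --s2k-digest-algo SHA512 --s2k-count 65011712 \
        --output "$out" 3<<EOF
$SECRETS_PASSPHRASE
EOF
    chmod 600 "$out"
}

# Decrypt the archive to a private temp file first (so a wrong passphrase is a
# clean failure instead of tar choking on an empty pipe), then extract it.
unpack_secrets() {
    in="${1:-secrets.tar.gpg}"
    dest="${2:-.}"
    : "${SECRETS_PASSPHRASE:?set SECRETS_PASSPHRASE before unpacking}"
    tmp=$(mktemp) || return 1
    if gpg --batch --yes --quiet --pinentry-mode loopback --passphrase-fd 3 \
           --output "$tmp" --decrypt "$in" 3<<EOF
$SECRETS_PASSPHRASE
EOF
    then
        mkdir -p "$dest" && tar -C "$dest" -xf "$tmp"
        rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Sanity check before `git add`: refuse if any file under the given tree still
# carries a PEM/OpenSSH private-key header in the clear. Returns 1 on a hit.
# (Assumed helper for the example; run it over the repo root, not the secrets dir.)
refuse_plaintext_keys() {
    tree="${1:-.}"
    if grep -rIl --exclude-dir=.git --exclude-dir=secrets \
            -e '-----BEGIN .*PRIVATE KEY-----' "$tree" >/dev/null 2>&1; then
        echo "plaintext private key found under $tree, refusing" >&2
        return 1
    fi
    return 0
}
```

Two caveats follow from this scheme rather than from the code: once the archive is in a public repo, anyone can run an offline guessing attack against the passphrase for as long as they like, so the S2K iteration count and the passphrase strength are the only things standing between them and the keys; and git history keeps every previous version of the archive, so a passphrase that leaks later compromises every revision ever pushed, not just the current one.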
A password manager on your smartphone isn't a bad place if you always have it with you. I think backing up to an encrypted HDD and my phone is redundant enough for me.
If you have a password store in the cloud, I recommend KeePass's keyfile feature. With a keyfile (again backed up, but never in the cloud), you can make sure that it takes more than just the master password to get in. If, e.g., Dropbox ever gets compromised and, for some reason, they can guess your password, the keyfile will keep you safe.
[1] http://www.jabberwocky.com/software/paperkey/
[2] http://ronja.twibright.com/optar/
[3] http://blog.liw.fi/posts/qr-backup/