Collaborate Disseminate
Trying to setup a separate subkey on my GPG key for signing (instead of using the primary key itself), I had the surprise that gnupg automatically added an additional "R" usage flag on the new subkey:
~: gpg –expert –edit-key A… Continue reading GPG: What is the "R" usage flag on a subkey?
Here’s how to import a key to keyring, decrypt files with it, then delete the key from keyring.
gpg –import ~/alice.asc # input passphrase
gpg –edit-key alice trust # input 5, input y, Ctrl+C
gpg –decrypt-files -r alice ~/ciphertext/*.a… Continue reading gpg decrypt without keyring
Several people recommend only decrypting your master key on an airgapped computer to reduce the risk of having malware that can steal it. What about using an Android phone for this purpose? One could disable the radios in software, encrypt… Continue reading Using an Android phone for the airgapped GPG key signer
I would like to encrypt many files using symmetric encryption such as AES256, using a single memorised password.
I was planning to use gpg but gpg symmetric encryption does not work with –multifile flag. gpg has the ability to cache the p… Continue reading Best way to symmetrically encrypt multiple files using a password
How do I export a TSK file?
https://openpgp.dev/book/private_keys.html#transferable-secret-key-format
for use in the maven-gpg-plugin
https://maven.apache.org/plugins/maven-gpg-plugin/examples/deploy-signed-artifacts.html#sign-using-bc-sig… Continue reading How to export a transferable secret key [closed]
I’m planning to use the pass to store passwords for a web service. My service will need to store passwords for many database servers. So my idea is store these passwords with the Linux pass command. I created a class in typescript that inv… Continue reading Passing password through terminal when using pass + gpg
I created three gpg subkeys stored on my YubiKey as described here. I added enable-ssh-support and enable-putty-support to my gpg-agent.conf file. Everything works when accessing a server with the ssh-key generated by gpg –export-ssh-key … Continue reading Windows YubiKey GPG works with putty but not terminal [migrated]
I use linux and tend to distro hop a lot. I’ve noticed often that the distributions offer that you verify the download with a sha256sum hash and a GPG key.
My understanding is that a file, e.g. a linux .iso file will have an (almost) uniqu… Continue reading What is the point of a gpg file alongside the hash of a Linux ISO download? [duplicate]
How do I restructure my keys from current/old setup to new setup?
The new setup would allow better key-management: isolation of primary-key and rotation of sub-keys.
Current/Old Setup:
PrimaryKey – CS
SubKey – E
New Setup:
PrimaryKey – C
S… Continue reading Restructure PGP Keys
I’m wondering about the correct steps when you want to download Firefox from their server and validate it has not been tampered with.
Assume you download the latest Firefox tar-bz2-package from https://download.mozilla.org with wget. Is th… Continue reading How to verify the downloaded Mozilla Firefox binary? [duplicate]