forked from allykzam/amazingant.com
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add a new post with my gpg key info in it
Including details of my wonderful adventure with gpg. I swear, I know how to computer.
- Loading branch information
Showing
1 changed file
with
182 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,182 @@ | ||
title: GPG Key? | ||
date: 2016-07-02 17:15 | ||
category: blog | ||
tags: git, ssh, gpg | ||
|
||
I recently bought a Yubikey 4 with the intent of playing around with it, setting | ||
up SSH to let me use it for authentication, and maybe even using it to sign some | ||
things in git. I forgot the part where that meant using gpg again... | ||
|
||
Thus begins today's story... | ||
|
||
<!-- more --> | ||
|
||
---- | ||
|
||
Basically, I created a master key and three subkeys by following the guide | ||
presented [here][drduh-guide], and put the subkeys into my Yubikey. This of | ||
course took an immensely large amount of time because I wasn't doing anything | ||
else with the system I generated the keys on, and so gpg felt there wasn't | ||
enough entropy; wiggling the mouse helped, but only so much. | ||
|
||
Once the keys were created and added to the Yubikey, I went to bed, and took the | ||
Yubikey to work with me the next day. It took a good hour or so, but I got SSH | ||
to let me authenticate connections to GitHub using the authentication key on the | ||
Yubikey, and signed a test commit with git using the signing key. Everything | ||
looked good, and I went back to doing actual work. | ||
|
||
Moving forward a few days... I had originally created all four keys with no | ||
expiration dates, figuring that I'm not doing anything that exciting, and I have | ||
a revocation cert, so who cares? But I changed my mind and decided to add | ||
expiration dates one year from now (that was this morning, feel free to look up | ||
the now-useless keys on your favorite keyserver). After about 20 minutes, it | ||
appeared as though I had accidentally added the master key's secret key onto the | ||
Yubikey (I hadn't, I just thought I had), had factory-restored the Yubikey to | ||
get the secret key off of it, and then somehow got gpg into a state where it | ||
refused to add the subkeys back onto the Yubkey. | ||
|
||
Lucky for me, I managed to also ruin the backup copy of everything while I was | ||
at it. This being why I haven't revoked the old keys. But hey, on the bright | ||
side, the private keys don't exist anywhere anymore! | ||
|
||
After turning off the computer, going to get lunch, and coming back, I did what | ||
any sensible person would do: started over. Luckily I had just done everything, | ||
so while re-building my keys I had `history 0 | less` open in a tmux pane and | ||
scrolled to the relevant section of my command history, and I had other things | ||
to do, so gpg felt I generated entropy at a much higher rate this time. Given | ||
what I've heard about `/dev/random` vs `/dev/urandom`, it sounds like gpg is | ||
just playing security-theater with me, but whatever, I got my new keys | ||
generated. | ||
|
||
At any rate, in case anyone is interested, the new key's fingerprint and public | ||
key are below (feel free to let me know if I messed it up somehow), as well as | ||
the pubkey entry that can be used for an SSH `authorized_keys` file. When I | ||
commit this blog entry I'll sign the commit with the signing subkey, and at some | ||
point when I get around to it, I'll use my [keybase.io account][keybase-account] | ||
to properly document that this new me and the keybase.io me are the same me. | ||
|
||
I know, this wasn't even remotely worth reading just to be given the public key | ||
of some random person you don't know, whose code you don't care about, etc. | ||
Sorry not-sorry? | ||
|
||
|
||
``` | ||
-----BEGIN PGP PUBLIC KEY BLOCK----- | ||
mQINBFd39E8BEADaX5R+Nj1PK3YQxKvv3djQyzaOJYlFa4sDn5Mz3G+/2Rlxu3Fk | ||
NMLoD90V+xOMJMy8qmeRHhoi73CDrHnxw/kLsVGYa4Y9KU3/0GhVwKdKQSdXGO4C | ||
erEWxm0wpNVhOE4fMm7vwCQ1j+Cg1oloZtL9VDkZSdRZNJFjYqDBJMUTv7DXuOOu | ||
0sp6ms3nopLLZRYLu9dNskFmmFzgGoburJigUqkTNpY48MyTdM7PEeGEacHChMcy | ||
zIzW7pd9SXqyUJUlxHRjLVaSgzcUNewxFF+yaGwFWBYCVf6qaWtfahcAo2jwToVx | ||
BBeysyd+M94gFt737j/pR5ikw499JtxQO7+WNRY8rlpMHmvYyfl4VZXG37Z3Daeq | ||
9FFHQ+L4p2d0AM1O95btzZh3IZZZyPdDfaobjImHbaRtAMeM3ZnAImfTnmw0aX02 | ||
JygWCi1zWgxkHqmGnrePSlGihG5G+AneI8EPhfjpAAYqVDePuRH3W1HOAqkNsPOo | ||
bFxr2ADmUFVRWIvkaCTt4HhRl0OYBUi5ysVpDmWpVRoFqbZzkyFFCFtXBC8PAUIf | ||
gy7SnFF7CFyw9KUQ3CeCSOKXpqCuONmMh6xyVEU7KqpwZsd0k2iK8Xb0E8XBcmaW | ||
ozZmZIpVKB2GGDmVNlw6p2w9k4EObBZO7lJttYoVohb4oOvG7rkAe3P4FwARAQAB | ||
tDNBbnRob255IFBlcmV6IChhbWF6aW5nYW50KSA8YW50aG9ueUBhbWF6aW5nYW50 | ||
LmNvbT6JAjEEEwEKABsFAld39E8CGwMCCwkCFQoFFgIDAQACHgECF4AACgkQemAU | ||
4xZdThUXcRAA2kaBJ33hqC08sA5LTOniI83m6Hz4sAw1t7qFbhB7PnIALMgJ3Gys | ||
nT1lhkRKtRzOmOOd+M+Q1GjwS5u1GYOS0NWCjRC+t1ddeF64OXCFxOiB93f06REf | ||
8NJtmSqy/epBaZzR4Xtjec8kyJizc2sTIFsQ3oUxZUJd/a/52IgsmNEmgnfU9X5h | ||
k6RWUremRTm01StWs66MXDJMW7UmD/MnVTazP/Bu+w5Foe8iZfU8YIHFvhJ18gmQ | ||
+pZQbNHoNqtQkU6rv7FCRRzBPEe4CsCdaOiJhtooJKQZUXE7Cy2E6bqHMaVRZtDF | ||
FabQkiDLmqIfb76Xj9GeNas2U3L6jHsDZjH/zSJG8F+LNPUL/AA3o721PB8QT1DY | ||
03DhYKpGdwCk6w2VWU8SDiJ2LuE4LrV0AxFaxYPmKblWrpSuqs3HxC/suXDpVpGf | ||
sv8/o06YiaSXdOjuneODH0qyWfNIu5V9NM6qwRtxnVA+808gt6FOlaUWv0MjoNdD | ||
6Y0nZB9b4uoshGmYtG032xjYeIb80wjvQ+9WqKYNIeGNvsgEJt0NAElhoaFd9sBS | ||
jZrfVQ54HbxMZFN3qYqShh3l3UEE49N7SqKitfQT9+s01X46iVVInrjeGi+JvaNl | ||
xpB4hdDA7nvN6+niz3GIPRuq+pbFUyXulI1u2sHSwGLnirlYRByUORW5Ag0EV3f3 | ||
VwEQAMEJVHtdPkUtbUYfaGD504WmehqnZhy5uAP7H8kFBbd3jzlYsJxf1GC+B4CZ | ||
zI+1UFkpb2CXpZLDBz6PSpgkjVfAtHL8NXOqn6tMFCTgaGSD8dd+VrOFH5mEdL33 | ||
X/ooKVh3INeB/DHoBrhhBkKrr0NdrXRDUqnWJBAkUnFkl/QlN4+iQQOec21Fhb9N | ||
7ZFRQx/C75PuGn/Mr5Pu7YYQAsqyLRDqjvKsN8N5H+grv5cAkoDlMyoMXnFCla21 | ||
Zq/LH1PV4z86DVYU1q98Fm93P6rX/HuIcVgcPYtaiGmZ6YlHYX4mhrvDMO5TmUUQ | ||
5Sol0eh1r3v+LGRwQB9dVCJSzQRT6wMJRqiIrCSendz6yKDK67GvqLf60Fcprl3I | ||
bIMg5noR0puP/x4yNCmGA4p/Am6CK6v3ru2Yv/ZBfZ2oKpaaL2muphnThMAqMZvw | ||
rp5ar5ZTyo7hxdwp62q/eUgPqTlLbuSeayw8E+u025R6G/Dg50qyKZni+jkGrgTG | ||
nnwb418ne2SZ8J7eZ/U+4V7OM5xSZnUd1p33EXlWVXzLoC6hgDTUbY03rKyQ70Wp | ||
d7irHUS+GLFbTbIg0DMpQUvPfus3flCTNe1UrDm8xINtwBLYGSKhJp7tAl5U4Df4 | ||
TV0tVm0M9K/Lla6rypVIaPcD0J8xXmpqY9YX7xTYTdwk7h97ABEBAAGJBD4EGAEK | ||
AAkFAld391cCGwICKQkQemAU4xZdThXBXSAEGQEKAAYFAld391cACgkQOIvsJzOX | ||
zETkeA/+JOhLGUnCDXjZZAe6GTMFIa/+f0fxAvdGbQjdJ7eitmTy73hYvm+D2+qY | ||
XInMUyWRqxZ3Tyf0iQVwcwVs0biSMUTrJyt6YZePlOZq2WMoqI7Cqx8UDRGPRJzM | ||
05fj/WkFECgRv8iXb4k9Zjr42BNhRVlCgYBnGHF9UNtApk145C9596PL4KKditZB | ||
PWz4QO2IhiWVza0spQGa2Z1jwVCy/Sh4P7t3R+oWGsCnbBind8tg8d0N2IvOnJz/ | ||
6NfSnrDVOMLNzh/7dEZcaotRFWZzz+8Z7HSFezg7eriMmxd459dyrFRnS+3g3sMU | ||
hprx+lrsz244IfYN/lsXPtZCci4kwJmI0swia6D21i3m9tqEIYl5uwhUTjn/q52f | ||
LHFPml6Ez9T+2YhHJfJh+/umOLKZHcfHluqq8I1YHhmdnGtkDwR9DMadyzG3wzcF | ||
QN7ncND20gl7AZfcHb2/eMayNaF2Kt82hudLhmNG6PyKksxyD7JGzbNa1hxCUZg9 | ||
uICWXm1kwX3aLLsPeio8XembIWV6lMs7FCaKQ05t83ukabPaHCoPdOO2yJozX/97 | ||
ObF551wxaCa/Cfn1GWVIGGXfO9NtRNU88on4PE+oR6VqVtDaThP8iag8RYR7B14w | ||
PlYr9pgKdLcw7hKv6Krj6gaSYzci/t7Q2V4eS6cZjzIuXM5PnSZfKxAAzLoj1dPK | ||
8s4QWCzjkwvlILONU7bKO7jCivVwFaB0DgvbHwP7UDhuzWZTl++amVVNZHBc9ioQ | ||
k3I9dYEtGrgHBVQlcBHYAx1IurJiK+LduMspCZ2uUAq3w5huQLmWz2hgigE/H4Vg | ||
oRCRzNJcArK2tkXirJglMtAhhRjSUx14wwGopoMiRn/w8u8dttxTb0NhvbCuQRen | ||
fmOPTevzklyBlNJyRu7Wbn2ji5TdKvi7ymLFHoMQ9fVWz04cfJsg3rjxT7hmKEAn | ||
3zP9bAZV3rgpc8wFkY0nCiv5n0eKqzGVLz6cse72P+J+SAkmUdkqy2OVqUcpeirN | ||
lv9Rg/XwBexO5TmYiVtS0N8OIcrTkGDY/u3ye4jQckrEdsTfjCinS5BbLLacTII9 | ||
dJAo+tDMdrDO++ALSQHlzSE2HmUHh4wWfgcgP7sxTYW8/usnKAzIZuvH79riFuzq | ||
PHfT0FS4umo+DjlxTvKVrNTvPP7T8MreYNMb12oT8WnJK/TnFBqdzKMjwsq6Z5g2 | ||
UKUiMYR9owtzmHerqWFOjbSHqtaQGz2KBHabPC1GNlS8zYTYMmkYnE6FPP+O568t | ||
8IUwzJAc3BDSJfZDY+mo37cp946kjwCN6NN+aZEzVG83tjgz6NrRpDv73YjH9Ej6 | ||
YjX+RpQAEQ+Plbt2f2gUTKwaqOaMiH1twBy5Ag0EV3f5JQEQAJqvwQd21kVJHURa | ||
1C9gmZi3MD1Cc9TiKiXizNwOmLUPVcUYKh9JEjrNF/l3kQYqoozY8LHBSdly36eh | ||
M0RXftCSSyAc77MmbguDnYbaVqbrA6eZt022/bhlI6C3ivVyUYthoTVD81tlyQ+j | ||
+XuyMRZV2c45VZfeXCfi307wml9DR2BmG//gdLoqvLF43/1iF1y7KFpgYcdvtAGE | ||
4JAKV3IpvICxw6/hcjJMHppwNhDWTrKkIs6XDDfWpZcQcJ6mvthC0ewzN/gEOXR5 | ||
YY6jFF4EXjm8ey+Hf2dGmUkz7uB+dFqHUcpQ0iaYarBWKU0yjQwv1ZByzi11aNHn | ||
U5oUNpBoiN4H0xjoJxyT3meNYze5wt5aoZz8iDy09Xuz11C/tIZwiYQaYXprW3KG | ||
06FF70x01RN8WXSh//yhxLwSbaa47T+OHbsy71kPDpwIegGg63B8HhbjwFqbCuw5 | ||
VCMSL/TyUDD9bGvGqmXft/j1fkZDZlbGsWmA/vm7hsUm4STanbXUZ3JJFouir5Kf | ||
epcphULOYxAE4U6jLFWxJYQgRYwdLPr5jP5QGispdBu/ILL0gOnPfU5i70b/dn0Z | ||
5klU1iulU7eO9w7mw/huaDR+eVFLmenO0Up3oHUBWMX6ayO7iNwGQaqoChZ9opT4 | ||
iVaRt7M4s/VazbV8nxTK9kLbeDZJABEBAAGJAh8EGAEKAAkFAld3+SUCGwwACgkQ | ||
emAU4xZdThXUgw//dgXIb3BWOJ4WqKatkomFb7KCfeguWSYbIhSdgyIwIVhQFdoL | ||
E8YecPywxVuuWXIthtqz8Rq4KMz2C1d1ngEV0rdNwFdkrRBka7co0ctlRyn9cUU6 | ||
nZgZyoMfMNuM6GwaOA934FJYGACHQSXX0bcLE6k7R/VivVahCC9u+y7lsV1QrfId | ||
3Qr8QgVEJ7pe9gw/ljDeaeSHk0KgJRkCVlgFstbgnHPaBpdG8SbItO+CHVEBk9XG | ||
OKA847XYTcvwsQigpjtwbp2P7TXfl6dwfCV7K+GmBOmFnypqIFNpItXW5AwVvuF2 | ||
o+rOhyS6W3R9Ol45dSAbwWRDUnVxEOYRmDAahx6bfbqfZ/X9jfxRfjR2TbpyCf7C | ||
NYs7cmzW8520X2v26d/ybOPGahn1McwVX+7PonXc/geSLjk6+/Ujy5BslYqzPitY | ||
drbJM5utq0FCdATCovMvobih1FyPXE9V2Ca/YUBOlO31fsbufIyZo8vRwj8wK/kp | ||
v6Tlw2LpnrJAsyIydxU9+cfO5hrk85OE5aHPRYiog2L2aORU0xJ/hl8mZLIMWDvy | ||
2xxD9mmDxdcdgMiVmakwPgNiu/d1JJ2x3d22NgRw2pcXkEIN4rjf0WH+Ll69WxTo | ||
oLSJ3dWJ18gxqX94xMyXch0H146aCnRwIevhyqlVM9c69KKiXX22SmZuhSC5Ag0E | ||
V3f7KQEQAKr/X9MwJNnDULsaZkX7Z63FIs+UR8g6JBoy6/tI0Vb1MbrT69WSWXjK | ||
VNl1xI9Ri3gkfI6uvUZqHFOJ1UqlhRRfqiJjRhZNmrDoPTTYxhOMUvgP5xJ3ioNI | ||
6u0o5YZoSa53tP2S+aUufDEOkmfYxU91uJRDyhez6ipikUdguK1CKbr1aHPgBakT | ||
FBx9xpKUqIuPjO2i/oQdNKKiwc5a6B8XhoLVAbkavkl7aZHCWnH+/e9PveQk9mXv | ||
7Cmfltj813c81CYlGhLHXYHUAGLRZSmnLvsIHdf4J73Oe/fhLJZLuEz2kPRVJ0Qp | ||
CA0CfZZx6J+iHdo0OPOrnXpUhUn8rLXOmNPLZN3tLXNg0G9OF1c4UW6CNfKPZdJl | ||
PZisQgNdlN5TSIhI9XUkPmeoyuBmvE0hAjdqR2Q3XFP1qh09Z4e6/0DfStpWcSDP | ||
3J3MopFQjeycQ8YpHdDoqV/ST9OWeHimW0BhUli3V/b4gyvw5fi6xqmLqMXSXz4H | ||
PqVICZVKbRJ6XwbpzAea51LvTkxd045uJH3P6WKSxC6gvLVHvf+b9OnsgCRu2HO4 | ||
6iDQfd8UK9VxN24rHdypZt/tyLb8zWXmoT9B60MvJMQAHuyvBrp1Z5EPh6gprNpi | ||
QsSkNqZ8p7blZIU6LKvkbJL6joelQlW5fgMHr7TW0W8MAWmsZqHLABEBAAGJAh8E | ||
GAEKAAkFAld3+ykCGyAACgkQemAU4xZdThWsnBAApR7cwq5nuPTqfM9J3GBzVsuQ | ||
qXoI2R2KQ1Tih4pahIcOixg92Wi9Zw0P3MtU+JypZZdURpd9hoFt4q+gPldLM20g | ||
Cyr+HWpjRuFecBy7adI8vS5OrcIaY4/8RL/4Zw87eWpmPPm5auljXfRIV4+4u0TV | ||
Pq+a6YAVUKYI9Hm+iK4ucxQ189+WEb+NFOhNZGbrme6BFXxYAXRAybf5L9eL/Eq9 | ||
N6xrNSMa2w9qTneRn07QXEm/HIepWsjCR140bK77wAErYek/OZCv/pAWBS/yRxeH | ||
eSulZOweMq/JmGvopV+PSmTPj3FjirPjBs6vrmIxVQLd5vKvEQaeUyjSybJmwKPL | ||
LoJRy3dPzaDySTqH1okCeC/W0btFVjVGbiyMY8PbO6U5Tso+tGK0SDAR3NItaxXL | ||
273yX4Xe6u3WprJTu/Dyok5IFaEj4rrBd28EWzSfT5AChunxUy7JBzlb7CYGDFBe | ||
zdzjBSnOlDLBgOLb+IVpxPZQReXmOczeXzPg64uW6lpmg7Qygb/DUFCuVEqsjs3b | ||
Gye1LD8gAajcBqZcXjCCCS61DCSi0l8jSwE2o+5LYB7zoN8MD6/iu0ZQuDJVpM5V | ||
Tr2a9rhuK37AJwrOgC2jeeBIS5WJR1L+LyenIgKm98AUwobgQxhZZzei0bORV6VA | ||
xlm0N1F5XmNjirAjp4U= | ||
=1Ntd | ||
-----END PGP PUBLIC KEY BLOCK----- | ||
``` | ||
|
||
And this can be added to an `authorized_keys` file to let me SSH into things. | ||
Don't do that unless you're sure that's a good idea, but it's there in case | ||
anyone (like me) needs it: | ||
|
||
``` | ||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCq/1/TMCTZw1C7GmZF+2etxSLPlEfIOiQaMuv7SNFW9TG60+vVkll4ylTZdcSPUYt4JHyOrr1GahxTidVKpYUUX6oiY0YWTZqw6D002MYTjFL4D+cSd4qDSOrtKOWGaEmud7T9kvmlLnwxDpJn2MVPdbiUQ8oXs+oqYpFHYLitQim69Whz4AWpExQcfcaSlKiLj4ztov6EHTSiosHOWugfF4aC1QG5Gr5Je2mRwlpx/v3vT73kJPZl7+wpn5bY/Nd3PNQmJRoSx12B1ABi0WUppy77CB3X+Ce9znv34SyWS7hM9pD0VSdEKQgNAn2Wceifoh3aNDjzq516VIVJ/Ky1zpjTy2Td7S1zYNBvThdXOFFugjXyj2XSZT2YrEIDXZTeU0iISPV1JD5nqMrgZrxNIQI3akdkN1xT9aodPWeHuv9A30raVnEgz9ydzKKRUI3snEPGKR3Q6Klf0k/Tlnh4pltAYVJYt1f2+IMr8OX4usapi6jF0l8+Bz6lSAmVSm0Sel8G6cwHmudS705MXdOObiR9z+liksQuoLy1R73/m/Tp7IAkbthzuOog0H3fFCvVcTduKx3cqWbf7ci2/M1l5qE/QetDLyTEAB7srwa6dWeRD4eoKazaYkLEpDamfKe25WSFOiyr5GyS+o6HpUJVuX4DB6+01tFvDAFprGahyw== cardno:000604679282 | ||
``` | ||
|
||
[drduh-guide]: https://github.com/drduh/Yubikey-Guide | ||
[github-pubkeys]: https://github.com/amazingant.keys |