Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
executable file 507 lines (396 sloc) 30.6 KB
<!DOCTYPE html>
<!--[if IEMobile 7 ]><html class="no-js iem7" prefix="og: http://ogp.me/ns#"><![endif]-->
<!--[if lt IE 9]><html class="no-js lte-ie8" prefix="og: http://ogp.me/ns#"><![endif]-->
<!--[if (gt IE 8)|(gt IEMobile 7)|!(IEMobile)|!(IE)]><!--><html class="no-js" lang="en-US" prefix="og: http://ogp.me/ns#"><!--<![endif]-->
<head>
<meta charset="utf-8" />
<title>PGP Keys for Eric Duncan - Eric Duncan</title>
<meta name="author" content="Eric Duncan" />
<meta name="description" content="Aug 13th, 2014 PGP Keys for Eric Duncan I have published my public PGP keys below for my two main email addresses. I have also published my PGP keys &hellip;" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="HandheldFriendly" content="True" />
<meta name="MobileOptimized" content="320" />
<meta name="generator" content="Octopress 2.0 - Customized by @eduncan911" />
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:creator" content="@eduncan911">
<meta property="og:title" content="PGP Keys for Eric Duncan" />
<meta property="og:description" content="Aug 13th, 2014 PGP Keys for Eric Duncan I have published my public PGP keys below for my two main email addresses. I have also published my PGP keys &hellip;" />
<meta property="og:type" content="article" />
<meta property="og:image" content="/maxresdefault.jpg" />
<meta property="og:url" content="http://eduncan911.com/keys/index.html" />
<meta property="og:site_name" content="Eric Duncan" />
<meta property="og:video" content="" />
<link rel="canonical" href="http://eduncan911.com/keys/index.html" />
<link rel="alternate" href="/atom.xml" title="Eric Duncan" type="application/atom+xml" />
<link rel="shortcut icon" href="/favicon.png" />
<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic|Open+Sans:700,400" type="text/css" />
<link rel="stylesheet" href="/stylesheets/screen.css" media="screen, projection" type="text/css" />
<style type="text/css">
header .blog-title a, header .blog-description {
color: #ffffff;
text-transform: lowercase;
}
</style>
<script src="/javascripts/modernizr-2.0.js"></script>
</head>
<body class="home blog">
<header id="masthead" role="banner" class="site-head site-header">
<div class="vertical" itemscope itemtype="http://schema.org/Article">
<div class="site-head-content inner" itemprop="author" itemscope itemtype="http://schema.org/Person">
<h1 class="blog-title" itemprop="name"><a class="blog-logo" href='/' rel='home'>Eric Duncan</a></h1>
<h2 class="blog-description" itemprop="jobtitle">spawning a race of beings</h2>
<meta itemprop="givenname" content="Eric" />
<meta itemprop="familyname" content="Duncan" />
<meta itemprop="affiliation" content="eduncan911" />
<meta itemprop="jobtitle" content="Software Architect" />
</div>
</div>
</header>
<main id="content" class="content" role="main">
<article class="post type-post status-publish format-standard hentry category-schweeeet" itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<span class="post-meta">
<span class="posted-on"><time class="entry-date published date updated" datetime="2014-08-13T12:15:00-04:00" content="2014-08-13T12:15:00-04:00" itemprop="datePublished">Aug 13<span>th</span>, 2014</time></span>
</span>
<h1 class="post-title entry-title" itemprop="name"><a href="" rel="bookmark">PGP Keys for Eric Duncan</a></h1>
<meta itemprop="url" content="" />
</header>
<section class="post-content" itemprop="articleBody">
<!-- BEGIN MARKDOWN CONTENT: I can't control the formatting here, bleh -->
<p>I have published my public PGP keys below for my two main email addresses. I have also published my PGP keys in the <a href="http://pgp.mit.edu/">MIT directory pgp.mit.edu</a> as well that are linked to the same email addresses. If at any time I need to revoke a certificate, it will be revoked there.</p>
<p>I will also be on <a href="https://www.darkmail.info/">Dark Mail</a> (if) and when it launches and will update this page with my public key(s) from it as well.</p>
<p>Therefore to keep up with any changes to my PGP and Dark Mail keys, you may want to <a href="https://github.com/eduncan911/eduncan911.github.io/blob/master/keys/index.html">subscribe to updates of this page at GitHub</a>.</p>
<h2>Public Key (copy this chunk to a file)</h2>
<figure class='code'><figcaption><span></span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
<span class='line-number'>2</span>
<span class='line-number'>3</span>
<span class='line-number'>4</span>
<span class='line-number'>5</span>
<span class='line-number'>6</span>
<span class='line-number'>7</span>
<span class='line-number'>8</span>
<span class='line-number'>9</span>
<span class='line-number'>10</span>
<span class='line-number'>11</span>
<span class='line-number'>12</span>
<span class='line-number'>13</span>
<span class='line-number'>14</span>
<span class='line-number'>15</span>
<span class='line-number'>16</span>
<span class='line-number'>17</span>
<span class='line-number'>18</span>
<span class='line-number'>19</span>
<span class='line-number'>20</span>
<span class='line-number'>21</span>
<span class='line-number'>22</span>
<span class='line-number'>23</span>
<span class='line-number'>24</span>
<span class='line-number'>25</span>
<span class='line-number'>26</span>
<span class='line-number'>27</span>
<span class='line-number'>28</span>
<span class='line-number'>29</span>
<span class='line-number'>30</span>
<span class='line-number'>31</span>
<span class='line-number'>32</span>
<span class='line-number'>33</span>
<span class='line-number'>34</span>
<span class='line-number'>35</span>
<span class='line-number'>36</span>
<span class='line-number'>37</span>
<span class='line-number'>38</span>
<span class='line-number'>39</span>
<span class='line-number'>40</span>
<span class='line-number'>41</span>
<span class='line-number'>42</span>
<span class='line-number'>43</span>
<span class='line-number'>44</span>
<span class='line-number'>45</span>
<span class='line-number'>46</span>
<span class='line-number'>47</span>
<span class='line-number'>48</span>
<span class='line-number'>49</span>
<span class='line-number'>50</span>
<span class='line-number'>51</span>
<span class='line-number'>52</span>
<span class='line-number'>53</span>
<span class='line-number'>54</span>
<span class='line-number'>55</span>
<span class='line-number'>56</span>
<span class='line-number'>57</span>
<span class='line-number'>58</span>
<span class='line-number'>59</span>
<span class='line-number'>60</span>
<span class='line-number'>61</span>
<span class='line-number'>62</span>
<span class='line-number'>63</span>
<span class='line-number'>64</span>
<span class='line-number'>65</span>
<span class='line-number'>66</span>
<span class='line-number'>67</span>
<span class='line-number'>68</span>
<span class='line-number'>69</span>
<span class='line-number'>70</span>
<span class='line-number'>71</span>
<span class='line-number'>72</span>
<span class='line-number'>73</span>
<span class='line-number'>74</span>
<span class='line-number'>75</span>
<span class='line-number'>76</span>
</pre></td><td class='code'><pre><code class='text'><span class='line'>-----BEGIN PGP PUBLIC KEY BLOCK-----
</span><span class='line'>
</span><span class='line'>mQINBFPrubYBEAC/z8jhm1lZXfuLrrRLkd0Yk0AlUJcxpfRLsSXEoI6BxTYHDbvr
</span><span class='line'>Ux5R9NROW1FdVE7atL38xHTzzoiiU+1b+DZybO8M4w4SusOzf3rat54mBKsnj/rF
</span><span class='line'>5fZT1tSyYu4vat0fCGmZz2hupf3B6D2uM9/7Jd4BH9G1HYR9t55cGpfuN9gW8nQl
</span><span class='line'>rXiv1Zt///j+kcdyyQKMWMaHgzTdo2MLyvM18CnF38Hqmh/J47fNSMQnIlV8AbOD
</span><span class='line'>8tb4qCc9t5RyrA2+BfGnoFfT9VTYw71BHdVZUF9q/PLSntzMdYxntzUlG5flSiL8
</span><span class='line'>BgSNDAAeNZ7M+7JgJ1GAU4u1sVJtjjmswwMY41MsmG+OhsaTovnkxys5bvGkJUFe
</span><span class='line'>AHJXqukmlUBmRYfHsNZ1Xppqm0BEktSp47Bezh1/8uoASpH+0km5713HPQwrFed9
</span><span class='line'>EBbP5SIeTIRz9GkgqViinYZbQIge/xc3so71jbRo0N16/3bM65AHwu/DcfslCh3R
</span><span class='line'>hlumzTjQxUchF9H5Yh2W63CnsxCENnAM6gtnj+3h4RUOrWgYYn9Tm17dwjfnRfr3
</span><span class='line'>NiTy5eSnhbeSmXtDfkc6NMXDhTnqJ3TjirvrcGxN2LU+qr203YbghI9h2UV3PYfa
</span><span class='line'>2nQjQLaHx/UlzH3Y4B3f4+4nvrO61SMimlVe9re+ioDEyBuMjQPD8zXF4wARAQAB
</span><span class='line'>tC9FcmljIER1bmNhbiAoZWR1bmNhbjkxMSkgPGVkdW5jYW45MTFAZ21haWwuY29t
</span><span class='line'>PokCTgQTAQgAOBYhBHipE+qvgSQVS1ALKlzg+VqlEKqMBQJZTXJbAhsDBQsJCAcC
</span><span class='line'>BhUICQoLAgQWAgMBAh4BAheAAAoJEFzg+VqlEKqMUX8P/2Q4P+/TcZrFoDcJicjR
</span><span class='line'>s+0bIZttgB5FI0QVBXyciDqu0w1Sy0ywHoZSa5WnnYY837wXyiAessYTmn6bG5e4
</span><span class='line'>hbGobfbuq523w5paeO6LYXglopbSKsJ5sbQkvD+VOVipGLWWbPrvQKYCTB2EvN/Y
</span><span class='line'>m1fNK6cShjFFo7tSm4GfD2103IKGesE26XRoUUVhPdqQNeY3NgvSmXGXG2TLsXs0
</span><span class='line'>9fQzlNOJf8qxV3m9uejDMAjAm4WtnprfVthF6RgzWtiXeSsvBJOg8eo1aoBn/gE5
</span><span class='line'>5Zalw+HftD09CunFmjmd14xvB6ClaoXB1h4xfxSxJv5jj18E1/6bxb/wujnn1Sji
</span><span class='line'>TZ7ugTYQnxuHf0UJlnlRPrtSYT3gCi0xGdZTrqTduFCDPz++rP1gMVRuAcuZOXMk
</span><span class='line'>DLUrSY3kGFX5lj1U31qk6/FbZikWZ9RvJ74gxuTV0eLNsZb1TU99cOqGpd85V9wT
</span><span class='line'>WiWH/5yfcmqS7wGvGyU3YQsBygPmON14dmnDppKsmYYj5UdaZn+f7ygi44Oml1bn
</span><span class='line'>PYn73qJ80VHS2CkwE4/MLcVfQpJOkjM0yz7UcarquKuJn97m7KTgLzlmCZ1rdIZR
</span><span class='line'>nLg9AYsBajGStj+VfSRq6D+FzBi+lC1undowgtYxBrBfe/TUky9wAlzrJLzU6tzW
</span><span class='line'>C9xKxyqG2elVMMUpxLzhEGbZtCxFcmljIER1bmNhbiAoZWR1bmNhbjkxMSkgPG1l
</span><span class='line'>QGVkdW5jYW45MTEuY29tPokCPwQTAQIAKQIbAwIeAQIXgAUCU+u6dgoLCQ0IDAcL
</span><span class='line'>CgMCCBUKCQgLAgMBBRYCAwEAAAoJEFzg+VqlEKqM9+8P/1hjl1/5tc/e7InRwiFU
</span><span class='line'>OsKeiWNaAPupSgNyKXplzTIllqUXewLLOdZIzwbR/lgje9f5/bs0GKzIQ8/VtVdV
</span><span class='line'>d+JHjWZss9uQolxnR4uxds8w+ymMoHa9bhX6zwSzlj3ns+ywAk4BaZ4yLmXl9TQo
</span><span class='line'>W2NS9FyPZf9jNeR7+mvnOFPSWRouHm4vO8ePqXCpdkb0aeS6piSsMut1Mg6JRKO0
</span><span class='line'>zsJn8M8PChPY1tR6HLpmEjRCKp/L3EsULhmCPjfGiVOetVOC6hXv68Us1N2D/P5s
</span><span class='line'>IR3MCQO4dJ6lHoL7enwGv7Wr3/couuaI41OJFB+C3eW3a3KPZBZ6FqOo+9Zp043E
</span><span class='line'>t4FtTw2fu9lsDhwPoDEbohX9S/ZRQUZpEfE/kC/0XbQDrgFo3UbhNlu2etfkIpnL
</span><span class='line'>6Fb3PS9eXhmcCPuXMTMM37BLXiV6+0MRodbrK8fsv1eXnNftJvIteN6Z63/ForVt
</span><span class='line'>9jpfV5g802egKrbcfX72M84h7pNCLaoagabT+vbZq5eP9PLWPvT6DS8HyiTGhWSP
</span><span class='line'>f0X6zjBOmPEXGazj3v0rX5uh2r/YqXT7MWVugRJdCAF93zTDEVkWBcqr/kbc/77X
</span><span class='line'>rG4Wn7ajaBi4KkjTfwOX8GcbkZ3WObZg8Ex1JLtwOocqn6YVYxas5t0ORoE8ZSAt
</span><span class='line'>cLhqJC7MCpmpAueYdM7gFMuliQI4BBMBAgAiBQJT67m2AhsDBgsJCAcDAgYVCAIJ
</span><span class='line'>CgsEFgIDAQIeAQIXgAAKCRBc4PlapRCqjF8SD/96uel6yZnEMPfIjD1YHZ0YojWs
</span><span class='line'>dQWs9PbgqATsNg60B9vu8xAWGACLQPuvMBKkxAWz/czlDCCkedk4N6r3Ioa1Jrpq
</span><span class='line'>lM/tHOKUokXoxM2S9sxhoBRMx27jtCjPKnCCDNY1tPKC7n0y8TqR5R3SEc9iHSBe
</span><span class='line'>PqALMAgaPj6qY2UmMtVe+j9X+CoqPt7CKv6MV4Dww+kBev21BgJsNdG1Gn8l1qE4
</span><span class='line'>Tzpo3hfWN9vxiErlblbAkE65PWGnGiG7TrHZFPwINstk9yxf4K4X1kFHzxrOqIg/
</span><span class='line'>EuFpA8rS91lYm7j0Tl0yzDh1hmZBnWHAPtyhe/tIA9fqmkG1sHqbLgutbK/MF2tS
</span><span class='line'>Kl7I63Wwa1m3Hx0o3hwYY3TLHkZfakPZE3sRPBJrfOCxNrMsExr8KgBTKBsczwNa
</span><span class='line'>E0AkMGvdpO1gc1i+gxboBOdHnDvjoc6ZXjcPApqOPq3O/pWrrBuAjwPy8/TMB0eU
</span><span class='line'>RvLEbZJe3zKEQHNe7j5hsf0bDaXqoCDBhXb4NNV8+R97MHOK7Diq2NHBnaoa//pu
</span><span class='line'>OzyB1sp8pl8XdQXjdaMGogs5De59eY9qyZ5ogiQIzMVe7UhU7kDUO/zIgyI2c8b9
</span><span class='line'>417it6CJaatvTKgwQB+pSoA9j7unjhoNF6UjrfaWgnAV2Jy+NBVMHgPpBBpe1GXg
</span><span class='line'>fKmSAFqtZCWov18tr7kCDQRT67m2ARAAujYhBSHO9YMMFVHti/LereYe8YpjGNJX
</span><span class='line'>Ft1aHHOYUKiZBKhshw9yYpqNrHwu8lle+kWZYKmSegiGUcB2J1+lnlxkhe1wmLOU
</span><span class='line'>OpX1frNUAizlYvbfP/wAbc5OQygIuXRhTHyFVb/XsqkWj+U16JcRNOeKPWBrDNkg
</span><span class='line'>MTmwTGxkJFliK/bKoYxjaY/4zuM7hqc7xWXbSXg2jBNTPHvNaJnhIXPPvXpcugTP
</span><span class='line'>+5LYpMMesLrxJXOoXA0qeTPO5wyoWiZliuvU+CDNkcfwupHphj6l/aNJ1pevvJbA
</span><span class='line'>QUiixyXeWt/AHMXIYqw1DzmyD0Zl2/0LVg2rMGZnzYJ8voDbWhqYytUUAuiYRKE3
</span><span class='line'>7h+BeBrLT9Q4zvMyueU2wyXbt2pU667k/a4AcyMoZYnWDogJj46aZBYJnonwd6uZ
</span><span class='line'>iz92aEUidIZwsNdtMDuBTcnh61k9sTbDLCDR8fAZn0uZYU7q9tmnV/fpTWMay0gK
</span><span class='line'>qMt7ZKl4q8J2Sc6iOTKKT91B7+yqR32ofhZ3zlNpfjFJRGfXAR8EZFmLYUmosiO3
</span><span class='line'>NDFDoIvuhgPdJbUdGQt/YX3iZoDpv/DergQpa6dc+2vkrNdZ7Y8QSPsMLTG6QOo6
</span><span class='line'>9wXvp+lDozV8QqMH+rhtYj+9db3UYEbWzJt2hvUeuNdrPKkB/ph/3dF1weWEtTcn
</span><span class='line'>BrpOK1hnsw0AEQEAAYkCHwQYAQIACQUCU+u5tgIbDAAKCRBc4PlapRCqjF65D/4v
</span><span class='line'>1W5tdsQVx06GdavyBj87uHU2YIhgEXOZGcvalr+aWdUGl7EtN8YDtJNJUduXIYOo
</span><span class='line'>oYLYpY++Rs+fqa09qLaU4DuQeuM2vqbW8cMnTnqWiFiuH4WBNUrdjE6rRUdwpLc8
</span><span class='line'>wn7UwILMvOOv6MRcAzgMKpf+WEQ+1IJEW551eOJJes6JLEp31QJgkCD1bWjXTPLy
</span><span class='line'>lBVx7VSLKKro8t+8GmPxRXWKaMAwm/UjIGnu8739ML4/GI5KFs55JdHsB7I6uJ/V
</span><span class='line'>l5V7T4DLZ5CP0F9JO/dLSUjcoBvOQwqB7Z7R8uyX4MCU7a7dzjKdXSAK3Lu/Xyhq
</span><span class='line'>8+MnWU20W+hfZfsXXquP7GDQ3bBeGk7BGRRDs5Usy1ssLNWt7RZHfce8ImmkD3Pn
</span><span class='line'>fVKjdynEv0+mbMeoAhXpT/U/pED36d5vEKQzKLNxmzI1ZzOSet/0W33K3rupQGs+
</span><span class='line'>3w+P6H76ftJtoQiZgyp4uJe3LTaL+xzeaaDm9KJDk1GxbAoyNLYOu4g1yT/qteo9
</span><span class='line'>JJiptBPR6a6ZhdVvdPRhrauFwjzFgLkItzKjj01U2zLHyQYYwtVA7/yFPzchPzW9
</span><span class='line'>FuHjEpiO922+kaprv1QIZb+P0ZMf18y1+Eo9BKczkRpyXcUONvubaVVvhM1+voxm
</span><span class='line'>5We9UAn/JcU9TiyAy3pWplP3j4lJax4ffOwuMdq95w==
</span><span class='line'>=uWjH
</span><span class='line'>-----END PGP PUBLIC KEY BLOCK-----
</span></code></pre></td></tr></table></div></figure>
<figure class='code'><figcaption><span>Verification Fingerprint</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
<span class='line-number'>2</span>
<span class='line-number'>3</span>
<span class='line-number'>4</span>
</pre></td><td class='code'><pre><code class='text'><span class='line'>pub rsa4096/5CE0F95AA510AA8C 2014-08-13 [SC]
</span><span class='line'>Key fingerprint = 78A9 13EA AF81 2415 4B50 0B2A 5CE0 F95A A510 AA8C
</span><span class='line'>Long Key ID = 5CE0F95AA510AA8C
</span><span class='line'>Short Key ID = A510AA8C
</span></code></pre></td></tr></table></div></figure>
<p>You can use my public key to send me encrypted messages and files. The
fingerprint is used to validate my identity (over video chat, in person, etc).</p>
<h2>Verifying Me: Eric Duncan, aka eduncan911</h2>
<p>You can use the fingerprints above to verify the PGP key if you trust my website to be an authoritative source.</p>
<p>To verify that my website has not been tampered with, you may review the <strong>commit history</strong> on GitHub for any updates other than me along with the datetime of the last updates:</p>
<p><a href="https://github.com/eduncan911/eduncan911.github.io/blob/master/keys/index.html">https://github.com/eduncan911/eduncan911.github.io/blob/master/keys/index.html</a></p>
<p>This link shows this actual page you are viewing right now as it is being hosted directly on GitHub Pages (GitHub served you this page, as you are reading it).</p>
<p>Therefore, it can be safe to assume verification of my fingerprint by viewing any tampering or updates to this file in the <strong>commit history</strong> listed on GitHub.</p>
<p>My GitHub account is protected by two-factor authentication so you can assume that my username/password has not been compromised for an unauthorized update to this page.</p>
<h2>GnuPG Tips</h2>
<p>I am archiving a list of <code>gpg2</code> commands I use from time to time for me when setting up new systems, generating new keys, revoking, etc. Feel free to use them as you wish.</p>
<p>Most of these I have sourced from <a href="https://futureboy.us/pgp.html#StrongerAlgorithms">Alan Eliasen</a> and I highly advise you read that link.</p>
<h3>Generate a New Key</h3>
<figure class='code'><figcaption><span>Generate a PGP Key using GnuPG</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --gen-key
</span></code></pre></td></tr></table></div></figure>
<p>Make sure to pick 4096.</p>
<h3>Use Stronger Algorithms Before Posting the Public Key</h3>
<p>These sets of commands will change the algorithm used even though GnuPG Version 2 already upgraded it to pretty strong ones. That Version 2 upgrade though doesn&rsquo;t allow for older weaker encryptions possibly used by other addressees in the same email. Therefore by setting the chain below, we stay compatible with older versions of GnuPG software that uses weaker algorithms by default that happen to be addressed in the same email (e.g. mostly Windows users).</p>
<figure class='code'><figcaption><span>Upgrade the Algorithms used</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
<span class='line-number'>2</span>
<span class='line-number'>3</span>
<span class='line-number'>4</span>
<span class='line-number'>5</span>
<span class='line-number'>6</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --list-keys
</span><span class='line'>gpg2 --interactive --edit-key your@email.address
</span><span class='line'>gpg&gt; showpref
</span><span class='line'>gpg&gt; setpref AES256 CAMELLIA256 AES192 CAMELLIA192 AES CAMELLIA128 TWOFISH CAST5 3DES SHA512 SHA384 SHA256 SHA224 SHA1 RIPEMD160 MD5 ZLIB BZIP2 ZIP Uncompressed
</span><span class='line'>gpg&gt; showpref
</span><span class='line'>gpg&gt; save
</span></code></pre></td></tr></table></div></figure>
<h3>Generate a Revocation Key</h3>
<p>Be smart and generate a revocation key and store it indefinitely in a secure location so you don&rsquo;t look like an idiot.</p>
<figure class='code'><figcaption><span>Generate a Revocation Key</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --gen-revoke --armor --output<span class="o">=</span>RevocationCertificate.asc your@email.address
</span></code></pre></td></tr></table></div></figure>
<h3>Export your Public Key to Share With Others</h3>
<p>Now that you have updated the algorithms and setup a revocation certificate, your public key is ready to be published.</p>
<figure class='code'><figcaption><span>Get the Public Key</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --armor --export your@email.address
</span></code></pre></td></tr></table></div></figure>
<p>Save this to a file named something like <code>pubkey.asc</code>, as the <code>.asc</code> extension
tells others that this is in ASCII format.</p>
<h3>Uploading your Public Key to the WOT</h3>
<p>You may want to publish your public key to online servers known as the Web of
Trust (WOT). This creates the availability of your public key should you send
an email to someone that didn&rsquo;t include your public key.</p>
<p>First thing is, unlike most other commands here, you can only do this with your
<em>keyid</em> &ndash; not your email address. Your <em>keyid</em> is located by looking at your
fingerprint and exporting a short keyid with it:</p>
<figure class='code'><figcaption><span>Short KEYID with Fingerprint </span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
<span class='line-number'>2</span>
<span class='line-number'>3</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --fingerprint --keyid-format short your@email.address
</span><span class='line'>pub rsa4096/A510AA8C 2014-08-13 <span class="o">[</span>SC<span class="o">]</span>
</span><span class='line'>...
</span></code></pre></td></tr></table></div></figure>
<p>In the output above, we can see my short KEYID is printed after
the <code>rsa4096/</code> portion: <strong><code>A510AA8C</code></strong>.</p>
<p>We take this <strong><code>A510AA8C</code></strong> and issue a command to send your public key to the
servers. Note: replace the <em>your-KEYID-here</em> with your short fingerprint. E.g.
mine was A510AA8C in the example above.</p>
<figure class='code'><figcaption><span>Publish your Public Key</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --keyserver pgp.mit.edu --send-keys your-KEYID-here
</span></code></pre></td></tr></table></div></figure>
<h3>Fingerprint: Verifying Identities</h3>
<p>So that others can verify your identity, generate a fingerprint that you can carry in your wallet, show over Skype video chat, etc.</p>
<figure class='code'><figcaption><span>Print your Fingerprint</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --fingerprint --keyid-format long your@email.address
</span></code></pre></td></tr></table></div></figure>
<p>Use the command above to print out the fingerprint of other people&rsquo;s fingerprint for verification.</p>
<h3>Backing up a Secret Key</h3>
<p>One method is to export your key as ASCII that allows you to print it (for rescanning later as it would be error prone to type it manually), or to store it in a key store (<a href="http://eduncan911.com/software/security/password-managers-are-not-immune-to-hacks-themselves.html">which in itself may be a bad idea</a>).</p>
<figure class='code'><figcaption><span>Exporting a Secret Key for Backup</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --export-secret-key --armor
</span></code></pre></td></tr></table></div></figure>
<p>Optionally, you can specify <code>--output filename</code> to dump it to a file.</p>
<h3>Signing Someone&rsquo;s Public Key for Local Usage</h3>
<p>So get rid of the warnings in email clients, signing the public key tells your system that you have verified and you trust the public key.</p>
<figure class='code'><figcaption><span>Signing a Public Key</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --sign-key their@email.address
</span></code></pre></td></tr></table></div></figure>
<p>Or for trusting someone on a low level:</p>
<figure class='code'><figcaption><span>Signing a Public Key, with Trust levels</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
<span class='line-number'>2</span>
<span class='line-number'>3</span>
<span class='line-number'>4</span>
<span class='line-number'>5</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --interactive --edit-key their@email.address
</span><span class='line'>gpg&gt; sign
</span><span class='line'>gpg&gt; trust
</span><span class='line'>gpg&gt; save
</span><span class='line'>gpg2 --export --armor their@email.address
</span></code></pre></td></tr></table></div></figure>
<h3>Import Someone&rsquo;s Signing of Your Public Key</h3>
<p>After someone verifies who you are, they may want to send you a signed certificate. You can import this signed certificate locally for any emails you send to them in the future.</p>
<figure class='code'><figcaption><span>Importing a Signed Key</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --import
</span></code></pre></td></tr></table></div></figure>
<h3>Locally Signing Someone&rsquo;s Key</h3>
<p>If you don&rsquo;t care about verifying the identity of a person&rsquo;s public key, you can just locally signing their public key blindly ignoring it.</p>
<figure class='code'><figcaption><span>Blindly Sign Someone&#8217;s Public key</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --lsign-key their@email.address
</span></code></pre></td></tr></table></div></figure>
<h3>Publishing your Public Key</h3>
<p>You may want to publish your key using GnuPG&rsquo;s command line, especially to multiple servers.</p>
<figure class='code'><figcaption><span>Publishing your key</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
<span class='line-number'>2</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --list-keys your@email.address
</span><span class='line'>gpg2 --keyserver pgp.mit.edu --send-keys <span class="o">[</span>KEYID<span class="o">]</span>
</span></code></pre></td></tr></table></div></figure>
<p>The <a href="https://futureboy.us/pgp.html#WebOfTrust">Web of Trust</a> dictates good practice of personally verifying someone&rsquo;s PGP keys by publishing your signed version of their PGP key publicly. Once you sign their key using the procedures above, you can publishing their key using the same &mdash;send-keys method above.</p>
<h3>Encrypting a File</h3>
<p>You can encrypt files using PGP.</p>
<figure class='code'><figcaption><span>Encrypt a File</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --encrypt --sign -r your@email.com filename
</span></code></pre></td></tr></table></div></figure>
<p>If you want to be able to decrypt the file in the future, you must add your own email address to the list of receiptents. The <code>-r</code> does this for you.</p>
<p>But say you want to one-time encrypt something to send. Most email clients keeps a <strong>Sent</strong> history (if you are sending it in email). You don&rsquo;t want this! What if your private key gets compromised and a few years goes past &ndash; then, someone with that old private key has the ability to decrypt that old email archived off in your Sent folder.</p>
<p>Therefore, you can omit your own email address. Just remember you will never be able to decode it &ndash; ever.</p>
<p>Alternatively, you can encrypt it with &mdash;armor that will print out the contents in ASCII mode, making it easier to paste into a text file or email.</p>
<figure class='code'><figcaption><span>Encrypt a File with ASCII Output</span></figcaption><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
</pre></td><td class='code'><pre><code class='bash'><span class='line'>gpg2 --armor --encrypt --sign -r your@email.com filename
</span></code></pre></td></tr></table></div></figure>
<h2>Summary</h2>
<p>That&rsquo;s about it for the tips.</p>
<p>There is a lot of reasons I skipped over that is listed on <a href="https://futureboy.us/pgp.html#StrongerAlgorithms">Alan Eliasen</a>&rsquo;s site. I pretty much consider it required reading before I trust you as a PGP sender.</p>
<!-- END MARKDOWN CONTENT -->
<section class="collapsable history">
<h5><a class="collapsable-trigger" href="#">&gt; Revision History</a></h5>
<ul class="post-metadata"><li><strong>Fri Jun 23 20:59:01 2017</strong><br/>removing photoid from pubkey as 20KB was still too big
</li><li><strong>Fri Jun 23 18:04:40 2017</strong><br/>adding more information to help others
</li><li><strong>Fri Jun 23 17:11:12 2017</strong><br/>Updating Public Key, removing duplicate email address - only using 1 pubkey now!
</li><li><strong>Wed Aug 13 15:36:18 2014</strong><br/>No changes to any Keys! This was to add a link in the body of the text to indicate why password managers can be a bad idea.
</li><li><strong>Wed Aug 13 15:32:56 2014</strong><br/>Created PGP Keys
</li></ul><p class="post-metadata">View on <a href=https://github.com/eduncan911/eduncan911.github.io/commits/source/source/keys/index.markdown target=_blank>Github</a></p>
</section>
</section>
</article>
</main>
<footer id="colophon" class="site-footer" role="contentinfo">
<a class="subscribe icon-feed" href="/atom.xml"><span class="tooltip">Subscribe!</span></a>
<div><a href="/blog">Blog</a></div>
<div><a href="/stem">STEM</a></div>
<div><a href="/blog/archives">Archives</a></div>
<div><a href="/contact">Contact Me</a></div>
<div><a href="/buymeabeer">Buy Me a Beer</a></div>
<div><a href="/blogtegrity">Blogtegrity</a></div>
<div><a href="/keys">PGP Keys</a></div>
<div><a href="/privacy">Privacy</a></div>
<div>&nbsp;</div>
<div class="site-info inner"><section class="copyright">© 2017 Eric Duncan <a href="http://creativecommons.org/licenses/by/2.5/">CC BY 2.5</a></section></div>
<div>a <a href="http://www.forgetfoo.me/" title="one of a 100 kickass designs by this guy">forgetfoo</a> design</div>
</footer>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script>!window.jQuery && document.write(unescape('%3Cscript src="./javascripts/libs/jquery.min.js"%3E%3C/script%3E'))</script>
<script type='text/javascript' src='/javascripts/foo.casper.js?ver=20140422'></script>
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-3705711-1']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
</body>
</html>