83 private links
Helps in creating and sharing secrets easily.
Uses AWS and GCE stuff for encryption but can also function without all that and just use GPG or age for encrypting.
Can be used to encrypt specific files in a git repo, or even encrypt/decrypt parts of a file (for example a specific value in a yml or json file).
Very neat and seems really useful!
One possible solution to remove persistent keys from ssh-agent (or gpg-agent). Worked for me!
A rust implementation of age (https://links.martyoeh.me/shaare/AXXx7g)
tries to have small explicit keys, no config options, and UNIX-style composability.
A gpg alternative that feels more modern, allows for less customization (which is generally a good thing in encryption) and has a very simple interface.
In essence it tries to be everything that gpg is not - except for also being secure. Unfortunately, adoption and integration is nowhere near the level of gpg (e.g. e-mail encryption, keyservers, general adoption with public key profiles reachable over web, etc)
To encrypt your SSH key, use:
ssh-keygen -p -f ~/.ssh/id_rsaIf the encrypted private key is stolen, an attacker needs to brute-force (guess) your password to use it.
To be more resistant to brute force-attacks, specify -a <number> to set the number of rounds used. The default is 16.
ssh-keygen -p -a 500 -f ~/.ssh/id_rsaPerhaps the most concise guide on multi-device gpg use I have seen.
Covers creation of master key, creation of device subkeys (signing), export of per-device subkey combinations (signing and encryption as needed), removal of a master key if desired and import on devices, as well as removal of subkeys on devices where they should not be available.
Comprehensive, quick and concise.
Another writeup of getting set up with Neomutt and the eco system for writing and receiving email.
Includes a little snippet on signing your email with gpg which I found very interesting.
Manage your GnuPG keys with ease! 🔐. Contribute to orhun/gpg-tui development by creating an account on GitHub.
This post describes the GnuPG pinentry process and provides a script which automatically chooses between a terminal or graphical interface based on the PINENTRY_USER_DATA environment variable.
A neat introduction to the way pinentry works. (Or seems to work, I have not done my due diligence here)
Sequoia is a modular OpenPGP implementation in Rust.
akin to an open source keybase.io
- Verifies your identity by linking your various account
- does not actually store identity data on its own servers
- can be self-hosted
- can integrate into openkeychain / conversations by generating QR codes
Running gpg-agent as a systemd user process
Generate a GPG key-pair, and convert it to an SSH key for authentication with your Linode.
Rotation of gpg keys
Complete tutorial for master/subkey setup which can be rotated
A chat bot that can manage your team's SSH accounts - keybase
- General GPG best practices
- this is in some cases outdated -- see corresponding issue with specific issue links
- GPG Key management
- Managing GPG keys with cmdline
- might also be outdated in specific areas
- Offline Key management with link to corresponding guide
- GPG Subkey management
Creating subkeys, revoking subkeys, connecting gpg masterkeys and subkeys and so on
I'm new to using GnuPG and trying to understand how best to use it. I've reviewed Short, easy to understand explanation of GPG