Welcome to my website. I am always posting links to photo albums, art, technology and other creations. Everything that you will see on my numerous personal sites is powered by the formVistaTM Website Management Engine.

icon.linkedin.jpgicon.twitter.jpg

  • Creating, Updating Expiration of and Posting PGP Keys
    02/17/2018 8:10AM
    Following are some of my notes and how-tos on creating, and managing PGP keys.

    Here is a link to a website with some very good information and best practices for managing keys:
    https://help.riseup.net/en/security/message-security/openpgp/best-practices

    Most of this article deals with the concept of setting a expiration date on a set of keys to a reasonable time and how you can update that key as time goes by.  Separate to the creation and publishing of your public key, you should set a reminder in whatever calendar system you are using to remind you to update the expiration date BEFORE it does actually expire a couple of weeks ahead of time.  I typically set my keys to expire in 13 months and set my calendar to remind me after 12 or so months.

    1) Creating a key set and distributing your public key:

    As mentioned, and when prompted, set a reasonable expiration time.  Also create a revocation cert.  See the aforementioned link for details.

    - To create a key:
    $ gpg2 --gen-key

    - List keys:
    $ gpg2 --list-keys
    /data/home/rchapin/.gnupg/pubring.gpg
    -------------------------------------
    pub   4096R/E5170CE8 2015-03-26 [expires: 2019-03-14]
    uid                  Ryan Chapin <rchapin@nbinteractive.com>
    sub   4096R/-------- 2015-03-26 [expires: 2019-03-14]

    - Distribute Public Key (use hkps, encrypted connection)
    $ gpg2 --keyserver hkps://hkps.pool.sks-keyservers.net --send-keys E5170CE8


    2) Searching for keys and verifying that they have been posted to a public keyserver:

    - List your keys
    $ gpg2 --list-keys
    /data/home/rchapin/.gnupg/pubring.gpg
    -------------------------------------
    pub   4096R/E5170CE8 2015-03-26 [expires: 2019-03-14]
    uid                  Ryan Chapin <rchapin@nbinteractive.com>
    sub   4096R/-------- 2015-03-26 [expires: 2019-03-14]

    The public key for this user is E5170CE8.  The 4096R indicates that it is 4096 bits.

    - Searching for the key:
    To search for the key via a key server such as https://pgp.mit.edu/ enter the following in the search string

      0xE5170CE8

    Make sure to prefix the hex value of the key with 0x to indicate to the keyserver that is a hex value and not an ASCII string.


    3) Update the expiration date of a key:

    - List the keys:

    - List your keys
    $ gpg2 --list-keys
    /data/home/rchapin/.gnupg/pubring.gpg
    -------------------------------------
    pub   4096R/E5170CE8 2015-03-26 [expires: 2019-03-14]
    uid                  Ryan Chapin <rchapin@nbinteractive.com>
    sub   4096R/-------- 2015-03-26 [expires: 2019-03-14]

    - Edit the key:
    $ gpg2 --edit-key E5170CE8


    - Select the key to edit, and then run the expire command.  Select the amount of time afterwhich the key will expire and follow the prompts to enter your passphrase.

    gpg> key 0
    gpg> expire
    Changing expiration time for the primary key.
    Please specify how long the key should be valid.
             0 = key does not expire
          <n>  = key expires in n days
          <n>w = key expires in n weeks
          <n>m = key expires in n months
          <n>y = key expires in n years
    Key is valid for? (0) 13m
    Key expires at Thu 14 Mar 2019 08:42:22 AM EDT
    Is this correct? (y/N) y

    You need a passphrase to unlock the secret key for
    user: "Ryan Chapin <rchapin@nbinteractive.com>"
    4096-bit RSA key, ID E5170CE8, created 2015-03-26


    - Select the sub-key (1) and repeat the process

    - Save the key
    gpg> save

    - Send the updated key to a keyserver
    $ gpg2 --keyserver hkps://hkps.pool.sks-keyservers.net --send-keys E5170CE8
  • Search and Replace for a New Line Character in VI
    02/28/2008 12:01PM
    For all of you out there who use vi on a regular basis . . . I recently needed to do a search and replace on a large document and needed to key off of the new line characters in the document.

    After a bit of searching here's what I found:

    If you need to do something like, search for all new lines and add the new line plus "foo" do the following:

    :1,%s/\n/^Mfoo/g

    You get the ^M character by pressing ctrl-v and then hitting enter.
  • Online Subversion Book
    12/20/2007 3:26PM
Advanced Search

Categories

Archives