Gpg: Difference between revisions
(Created page with "=== Create strong key === We want an elliptical curve key. It's baked in! But hidden. gpg --expert --full-generate-key Key kind: (9) ECC and ECC Elliptical curve: (1) C...") |
No edit summary |
||
| Line 8: | Line 8: | ||
email: m@bitpost.com | email: m@bitpost.com | ||
Passphrase: **** | Passphrase: **** | ||
=== PIN entry in emacs === | |||
Details are [[Emacs#GPG here]]. | |||
=== PIN entry over ssh === | |||
You can in theory decrypt a file over ssh without writing it to disk: | |||
ssh prod-cfg-1 gpg -d my_secrets.gpg | |||
But default PIN entry over tty is totally fucking broken. Try: | |||
emacs .gpg | |||
Revision as of 15:39, 22 April 2021
Create strong key
We want an elliptical curve key. It's baked in! But hidden.
gpg --expert --full-generate-key Key kind: (9) ECC and ECC Elliptical curve: (1) Curve 25519 Don't expire (0) Real name: Michael Behrns-Miller email: m@bitpost.com Passphrase: ****
PIN entry in emacs
Details are Emacs#GPG here.
PIN entry over ssh
You can in theory decrypt a file over ssh without writing it to disk:
ssh prod-cfg-1 gpg -d my_secrets.gpg
But default PIN entry over tty is totally fucking broken. Try:
emacs .gpg