Difference between revisions of "Gpg"

From Bitpost wiki
Jump to navigation Jump to search
(Created page with "=== Create strong key === We want an elliptical curve key. It's baked in! But hidden. gpg --expert --full-generate-key Key kind: (9) ECC and ECC Elliptical curve: (1) C...")
 
Line 8: Line 8:
 
   email: m@bitpost.com
 
   email: m@bitpost.com
 
   Passphrase: ****
 
   Passphrase: ****
 +
=== PIN entry in emacs ===
 +
Details are [[Emacs#GPG here]].
 +
 +
=== PIN entry over ssh ===
 +
You can in theory decrypt a file over ssh without writing it to disk:
 +
ssh prod-cfg-1 gpg -d my_secrets.gpg
 +
But default PIN entry over tty is totally fucking broken.  Try:
 +
emacs .gpg

Revision as of 15:39, 22 April 2021

Create strong key

We want an elliptical curve key. It's baked in! But hidden.

gpg --expert --full-generate-key
 Key kind: (9) ECC and ECC
 Elliptical curve: (1) Curve 25519
 Don't expire (0)
 Real name: Michael Behrns-Miller
 email: m@bitpost.com
 Passphrase: ****

PIN entry in emacs

Details are Emacs#GPG here.

PIN entry over ssh

You can in theory decrypt a file over ssh without writing it to disk:

ssh prod-cfg-1 gpg -d my_secrets.gpg

But default PIN entry over tty is totally fucking broken. Try:

emacs .gpg