mirror of
https://github.com/Erreur32/cheat.git
synced 2024-11-01 05:21:06 +01:00
f46698b656
Performed an extensive refactoring on the entire application for the sake of code-cleanliness. - Refactored out of an ad-hoc Imperative paradigm into more of a functional/declarative paradigm. IMO, this makes the application signifcantly easier to understand. - Moved away from `argparse` and into `docopt` for argument parsing - Version bump to 2.0.0 - Performed extensive refactoring on the setup.py script. Script should install to the system more cleanly now. - Made minor formatting changes to the --list flag output - Updated the README Squashed commit of the following: commit e5681bd536aa0220cdeb7884cc248db55be408c9 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 23:30:21 2014 -0400 Fixed many bugs Everything seems to work now, I think. commit 764ec5950cee958eb1b8333ddfcb6bcd45c28429 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 21:51:31 2014 -0400 Restructuring for the sake of setup.py Seem to finally have a working install script commit 5a866c23857b77ec65070dd8023cd734f2b7c242 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 18:01:11 2014 -0400 Nits commit a79954ba5b33d992fa6a32abffb33b161d624e3d Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 17:53:03 2014 -0400 Implemented search commit b570a897e9a12c15affe1a72628deae31836dee2 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 17:11:27 2014 -0400 Nits commit 1a8d85b44457f1b2131b3e8475c5270b5d0899e3 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 17:02:22 2014 -0400 Still refactoring across files Trying to make the program structure clearer commit 34dffd6462e492e81ea558e2009a71051b7663c9 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 16:40:37 2014 -0400 Breaking app into several files This is for the sake of code-cleanliness commit 4825d678ff5f9817ccbf727ef71e5dea15ff2586 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 15:55:19 2014 -0400 Got syntax highlighting working commit c37d7a626d451bfca3d4a072eb9fed604085170f Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 15:29:22 2014 -0400 Reduced verbosity of function names commit 8e626045186b37dce2480f5af1994ddfa8db79b5 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 15:24:41 2014 -0400 Refactored argument passing Fewer arguments now need to be passed throughout the app. commit 807ba814650010b3dd1b59d27400b3fb4fcfede7 Author: Chris Lane <chris@chris-allen-lane.com> Date: Sat Apr 26 11:40:05 2014 -0400 Working through the refactor commit e34e6540d4f8cd727e98aac68289d515a02d5fe6 Author: Chris Lane <chris@chris-allen-lane.com> Date: Thu Apr 24 20:00:10 2014 -0400 Got a basic end-to-end refactor working Have re-implemented just the most basic functionality in the "cheat2" file.
174 lines
3.5 KiB
Plaintext
174 lines
3.5 KiB
Plaintext
# Create a key
|
|
|
|
gpg --gen-key
|
|
|
|
|
|
# Show keys
|
|
|
|
To list a summary of all keys
|
|
|
|
gpg --list-keys
|
|
|
|
To show your public key
|
|
|
|
gpg --armor --export
|
|
|
|
To show the fingerprint for a key
|
|
|
|
gpg --fingerprint KEY_ID
|
|
|
|
# Search for keys
|
|
|
|
gpg --search-keys 'user@emailaddress.com'
|
|
|
|
|
|
# To Encrypt a File
|
|
|
|
gpg --encrypt --recipient 'user@emailaddress.com' example.txt
|
|
|
|
|
|
# To Decrypt a File
|
|
|
|
gpg --output example.txt --decrypt example.txt.gpg
|
|
|
|
|
|
# Export keys
|
|
|
|
gpg --output ~/public_key.txt --armor --export KEY_ID
|
|
gpg --output ~/private_key.txt --armor --export-secret-key KEY_ID
|
|
|
|
Where KEY_ID is the 8 character GPG key ID.
|
|
|
|
Store these files to a safe location, such as a USB drive, then
|
|
remove the private key file.
|
|
|
|
shred -zu ~/private_key.txt
|
|
|
|
# Import keys
|
|
|
|
Retrieve the key files which you previously exported.
|
|
|
|
gpg --import ~/public_key.txt
|
|
gpg --allow-secret-key-import --import ~/private_key.txt
|
|
|
|
Then delete the private key file.
|
|
|
|
shred -zu ~/private_key.txt
|
|
|
|
# Revoke a key
|
|
|
|
Create a revocation certificate.
|
|
|
|
gpg --output ~/revoke.asc --gen-revoke KEY_ID
|
|
|
|
Where KEY_ID is the 8 character GPG key ID.
|
|
|
|
After creating the certificate import it.
|
|
|
|
gpg --import ~/revoke.asc
|
|
|
|
Then ensure that key servers know about the revokation.
|
|
|
|
gpg --send-keys KEY_ID
|
|
|
|
# Signing and Verifying files
|
|
|
|
If you're uploading files to launchpad you may also want to include
|
|
a GPG signature file.
|
|
|
|
gpg -ba filename
|
|
|
|
or if you need to specify a particular key:
|
|
|
|
gpg --default-key <key ID> -ba filename
|
|
|
|
This then produces a file with a .asc extension which can be uploaded.
|
|
If you need to set the default key more permanently then edit the
|
|
file ~/.gnupg/gpg.conf and set the default-key parameter.
|
|
|
|
To verify a downloaded file using its signature file.
|
|
|
|
gpg --verify filename.asc
|
|
|
|
# Signing Public Keys
|
|
|
|
Import the public key or retrieve it from a server.
|
|
|
|
gpg --keyserver <keyserver> --recv-keys <Key_ID>
|
|
|
|
Check its fingerprint against any previously stated value.
|
|
|
|
gpg --fingerprint <Key_ID>
|
|
|
|
Sign the key.
|
|
|
|
gpg --sign-key <Key_ID>
|
|
|
|
Upload the signed key to a server.
|
|
|
|
gpg --keyserver <keyserver> --send-key <Key_ID>
|
|
|
|
# Change the email address associated with a GPG key
|
|
|
|
gpg --edit-key <key ID>
|
|
adduid
|
|
|
|
Enter the new name and email address. You can then list the addresses with:
|
|
|
|
list
|
|
|
|
If you want to delete a previous email address first select it:
|
|
|
|
uid <list number>
|
|
|
|
Then delete it with:
|
|
|
|
deluid
|
|
|
|
To finish type:
|
|
|
|
save
|
|
|
|
Publish the key to a server:
|
|
|
|
gpg --send-keys <key ID>
|
|
|
|
# Creating Subkeys
|
|
|
|
Subkeys can be useful if you don't wish to have your main GPG key
|
|
installed on multiple machines. In this way you can keep your
|
|
master key safe and have subkeys with expiry periods or which may be
|
|
separately revoked installed on various machines. This avoids
|
|
generating entirely separate keys and so breaking any web of trust
|
|
which has been established.
|
|
|
|
gpg --edit-key <key ID>
|
|
|
|
At the prompt type:
|
|
|
|
addkey
|
|
|
|
Choose RSA (sign only), 4096 bits and select an expiry period.
|
|
Entropy will be gathered.
|
|
|
|
At the prompt type:
|
|
|
|
save
|
|
|
|
You can also repeat the procedure, but selecting RSA (encrypt only).
|
|
To remove the master key, leaving only the subkey/s in place:
|
|
|
|
gpg --export-secret-subkeys <subkey ID> > subkeys
|
|
gpg --export <key ID> > pubkeys
|
|
gpg --delete-secret-key <key ID>
|
|
|
|
Import the keys back.
|
|
|
|
gpg --import pubkeys subkeys
|
|
|
|
Verify the import.
|
|
|
|
gpg -K
|
|
|
|
Should show sec# instead of just sec.
|