mirror of
https://github.com/Erreur32/cheat.git
synced 2024-10-31 21:11:07 +01:00
f46698b656
Performed an extensive refactoring on the entire application for the
sake of code-cleanliness.
- Refactored out of an ad-hoc Imperative paradigm into more of a
functional/declarative paradigm. IMO, this makes the application
signifcantly easier to understand.
- Moved away from `argparse` and into `docopt` for argument parsing
- Version bump to 2.0.0
- Performed extensive refactoring on the setup.py script. Script should
install to the system more cleanly now.
- Made minor formatting changes to the --list flag output
- Updated the README
Squashed commit of the following:
commit e5681bd536aa0220cdeb7884cc248db55be408c9
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 23:30:21 2014 -0400
Fixed many bugs
Everything seems to work now, I think.
commit 764ec5950cee958eb1b8333ddfcb6bcd45c28429
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 21:51:31 2014 -0400
Restructuring for the sake of setup.py
Seem to finally have a working install script
commit 5a866c23857b77ec65070dd8023cd734f2b7c242
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 18:01:11 2014 -0400
Nits
commit a79954ba5b33d992fa6a32abffb33b161d624e3d
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 17:53:03 2014 -0400
Implemented search
commit b570a897e9a12c15affe1a72628deae31836dee2
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 17:11:27 2014 -0400
Nits
commit 1a8d85b44457f1b2131b3e8475c5270b5d0899e3
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 17:02:22 2014 -0400
Still refactoring across files
Trying to make the program structure clearer
commit 34dffd6462e492e81ea558e2009a71051b7663c9
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 16:40:37 2014 -0400
Breaking app into several files
This is for the sake of code-cleanliness
commit 4825d678ff5f9817ccbf727ef71e5dea15ff2586
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 15:55:19 2014 -0400
Got syntax highlighting working
commit c37d7a626d451bfca3d4a072eb9fed604085170f
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 15:29:22 2014 -0400
Reduced verbosity of function names
commit 8e626045186b37dce2480f5af1994ddfa8db79b5
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 15:24:41 2014 -0400
Refactored argument passing
Fewer arguments now need to be passed throughout the app.
commit 807ba814650010b3dd1b59d27400b3fb4fcfede7
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Sat Apr 26 11:40:05 2014 -0400
Working through the refactor
commit e34e6540d4f8cd727e98aac68289d515a02d5fe6
Author: Chris Lane <chris@chris-allen-lane.com>
Date: Thu Apr 24 20:00:10 2014 -0400
Got a basic end-to-end refactor working
Have re-implemented just the most basic functionality in the "cheat2"
file.
174 lines
3.5 KiB
Plaintext
174 lines
3.5 KiB
Plaintext
# Create a key
|
|
|
|
gpg --gen-key
|
|
|
|
|
|
# Show keys
|
|
|
|
To list a summary of all keys
|
|
|
|
gpg --list-keys
|
|
|
|
To show your public key
|
|
|
|
gpg --armor --export
|
|
|
|
To show the fingerprint for a key
|
|
|
|
gpg --fingerprint KEY_ID
|
|
|
|
# Search for keys
|
|
|
|
gpg --search-keys 'user@emailaddress.com'
|
|
|
|
|
|
# To Encrypt a File
|
|
|
|
gpg --encrypt --recipient 'user@emailaddress.com' example.txt
|
|
|
|
|
|
# To Decrypt a File
|
|
|
|
gpg --output example.txt --decrypt example.txt.gpg
|
|
|
|
|
|
# Export keys
|
|
|
|
gpg --output ~/public_key.txt --armor --export KEY_ID
|
|
gpg --output ~/private_key.txt --armor --export-secret-key KEY_ID
|
|
|
|
Where KEY_ID is the 8 character GPG key ID.
|
|
|
|
Store these files to a safe location, such as a USB drive, then
|
|
remove the private key file.
|
|
|
|
shred -zu ~/private_key.txt
|
|
|
|
# Import keys
|
|
|
|
Retrieve the key files which you previously exported.
|
|
|
|
gpg --import ~/public_key.txt
|
|
gpg --allow-secret-key-import --import ~/private_key.txt
|
|
|
|
Then delete the private key file.
|
|
|
|
shred -zu ~/private_key.txt
|
|
|
|
# Revoke a key
|
|
|
|
Create a revocation certificate.
|
|
|
|
gpg --output ~/revoke.asc --gen-revoke KEY_ID
|
|
|
|
Where KEY_ID is the 8 character GPG key ID.
|
|
|
|
After creating the certificate import it.
|
|
|
|
gpg --import ~/revoke.asc
|
|
|
|
Then ensure that key servers know about the revokation.
|
|
|
|
gpg --send-keys KEY_ID
|
|
|
|
# Signing and Verifying files
|
|
|
|
If you're uploading files to launchpad you may also want to include
|
|
a GPG signature file.
|
|
|
|
gpg -ba filename
|
|
|
|
or if you need to specify a particular key:
|
|
|
|
gpg --default-key <key ID> -ba filename
|
|
|
|
This then produces a file with a .asc extension which can be uploaded.
|
|
If you need to set the default key more permanently then edit the
|
|
file ~/.gnupg/gpg.conf and set the default-key parameter.
|
|
|
|
To verify a downloaded file using its signature file.
|
|
|
|
gpg --verify filename.asc
|
|
|
|
# Signing Public Keys
|
|
|
|
Import the public key or retrieve it from a server.
|
|
|
|
gpg --keyserver <keyserver> --recv-keys <Key_ID>
|
|
|
|
Check its fingerprint against any previously stated value.
|
|
|
|
gpg --fingerprint <Key_ID>
|
|
|
|
Sign the key.
|
|
|
|
gpg --sign-key <Key_ID>
|
|
|
|
Upload the signed key to a server.
|
|
|
|
gpg --keyserver <keyserver> --send-key <Key_ID>
|
|
|
|
# Change the email address associated with a GPG key
|
|
|
|
gpg --edit-key <key ID>
|
|
adduid
|
|
|
|
Enter the new name and email address. You can then list the addresses with:
|
|
|
|
list
|
|
|
|
If you want to delete a previous email address first select it:
|
|
|
|
uid <list number>
|
|
|
|
Then delete it with:
|
|
|
|
deluid
|
|
|
|
To finish type:
|
|
|
|
save
|
|
|
|
Publish the key to a server:
|
|
|
|
gpg --send-keys <key ID>
|
|
|
|
# Creating Subkeys
|
|
|
|
Subkeys can be useful if you don't wish to have your main GPG key
|
|
installed on multiple machines. In this way you can keep your
|
|
master key safe and have subkeys with expiry periods or which may be
|
|
separately revoked installed on various machines. This avoids
|
|
generating entirely separate keys and so breaking any web of trust
|
|
which has been established.
|
|
|
|
gpg --edit-key <key ID>
|
|
|
|
At the prompt type:
|
|
|
|
addkey
|
|
|
|
Choose RSA (sign only), 4096 bits and select an expiry period.
|
|
Entropy will be gathered.
|
|
|
|
At the prompt type:
|
|
|
|
save
|
|
|
|
You can also repeat the procedure, but selecting RSA (encrypt only).
|
|
To remove the master key, leaving only the subkey/s in place:
|
|
|
|
gpg --export-secret-subkeys <subkey ID> > subkeys
|
|
gpg --export <key ID> > pubkeys
|
|
gpg --delete-secret-key <key ID>
|
|
|
|
Import the keys back.
|
|
|
|
gpg --import pubkeys subkeys
|
|
|
|
Verify the import.
|
|
|
|
gpg -K
|
|
|
|
Should show sec# instead of just sec.
|