commit c81be9793080337108bb61b5a9a08bb59e018f47
parent 5c738cdf480f2649348d145698b8d768d430a7a1
Author: Dash Eclipse <dash@ezup.dev>
Date: Fri, 3 Jul 2020 19:29:26 +0000
Update
Diffstat:
11 files changed, 141 insertions(+), 70 deletions(-)
diff --git a/.web/blog/index.html b/.web/blog/index.html
@@ -1,7 +1,7 @@
<!DOCTYPE html>
<html lang="en">
<head>
-<!-- 2020-07-03 Fri 15:28 -->
+<!-- 2020-07-03 -->
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Blog Index</title>
diff --git a/.web/blog/pgp.html b/.web/blog/pgp.html
@@ -1,12 +1,14 @@
<!DOCTYPE html>
<html lang="en">
<head>
-<!-- 2020-07-03 Fri 15:28 -->
+<!-- 2020-07-03 -->
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>OpenPGP Key Generation and Usage</title>
<meta name="generator" content="Org mode">
<meta name="author" content="Dash Eclipse">
+<meta name="description" content="How do I generate OpenPGP keys and use it"
+>
<meta name="keywords" content="openpgp, pgp, gnupg, gpg, subkey">
<link rel='icon' type='image/x-icon' href='/favicon.svg'/>
<meta name='viewport' content='width=device-width, initial-scale=1'>
@@ -32,20 +34,20 @@
<h1 class="title">OpenPGP Key Generation and Usage</h1>
<p class="subtitle">Published on 2020-06-30 by Dash Eclipse.</p>
</header><p>
-In this article I'm gonna explain how do I generate OpenPGP keys and use PGP.
+In this article I'm gonna explain how do I generate and use OpenPGP keys.
</p>
-<section id="outline-container-orgabbcd0c" class="outline-2">
-<h2 id="orgabbcd0c"><span class="section-number-2">1</span> Install GnuPG</h2>
+<section id="outline-container-orgead6916" class="outline-2">
+<h2 id="orgead6916"><span class="section-number-2">1</span> Install GnuPG</h2>
<div class="outline-text-2" id="text-1">
<p>
-On macOS you can use brew to install GnuPG <code>brew install gnupg</code>
+On macOS you can use brew to install GnuPG <code>brew install gnupg</code>, you will also need <code>pinentry-mac</code> package if you are going to use it with GUI programs such like Thunderbird with Eng
</p>
</div>
</section>
-<section id="outline-container-org46aaefe" class="outline-2">
-<h2 id="org46aaefe"><span class="section-number-2">2</span> OpenPGP key generation</h2>
+<section id="outline-container-org492070e" class="outline-2">
+<h2 id="org492070e"><span class="section-number-2">2</span> OpenPGP key generation</h2>
<div class="outline-text-2" id="text-2">
<p>
Beside <code>gpg --full-generate-key</code>, you can also create a key with gpg in batch mode<sup><a id="fnr.1" class="footref" href="#fn.1">1</a></sup>.
@@ -82,8 +84,8 @@ gpg --batch --generate-key first-last.txt
</div>
</section>
-<section id="outline-container-org0736801" class="outline-2">
-<h2 id="org0736801"><span class="section-number-2">3</span> Use subkeys</h2>
+<section id="outline-container-orgc8405b6" class="outline-2">
+<h2 id="orgc8405b6"><span class="section-number-2">3</span> Use subkeys</h2>
<div class="outline-text-2" id="text-3">
<p>
I use encryption and signing subkeys instead of just use one key for everything, because it's safer when you keep your master key elsewhere and use different keys for different purposes. Debian also recommend to use subkeys.<sup><a id="fnr.2" class="footref" href="#fn.2">2</a></sup>
@@ -102,17 +104,60 @@ gpg --edit-key <key-id> passwd
</pre>
</div>
</div>
+<div id="outline-container-orgde6e78a" class="outline-3">
+<h3 id="orgde6e78a"><span class="section-number-3">3.1</span> Thunderbird and Enigmail</h3>
+<div class="outline-text-3" id="text-3-1">
+<p>
+I use Thunderbird with Enigmail to send and receive PGP encrypted emails, you can follow <a href="https://ssd.eff.org/en/module/how-use-pgp-mac-os-x">the guide by EFF SSD</a> to set it up. Note you need to install <code>pinentry-mac</code> the package to use GPG with such GUI programs.
+</p>
+<div class="org-src-container">
+<pre class="src src-sh">brew install pinentry-mac
+<span class="org-builtin">echo</span> <span class="org-string">'pinentry-program /usr/local/bin/pinentry-mac'</span> > ~/.gnupg/gpg-agent.conf
+</pre>
+</div>
+</div>
+</div>
+<div id="outline-container-org1392bdc" class="outline-3">
+<h3 id="org1392bdc"><span class="section-number-3">3.2</span> Git</h3>
+<div class="outline-text-3" id="text-3-2">
+<div class="org-src-container">
+<pre class="src src-sh">git config --global gpg.program $(<span class="org-builtin">which</span> gpg)
+git config --global user.name <span class="org-string">'First Last'</span>
+git config --global user.email <span class="org-string">'user@domain.tld'</span>
+git config --global user.signingkey <signing_subkey_id>
+git config --global commit.gpgsign true
+</pre>
+</div>
+<p>
+In case you don't want to sign commits for specific repo, just run <code>git config commit.gpgsign false</code> in the repo directory.
+</p>
+</div>
+</div>
+<div id="outline-container-org6305008" class="outline-3">
+<h3 id="org6305008"><span class="section-number-3">3.3</span> pass (the standard unix password manager)</h3>
+<div class="outline-text-3" id="text-3-3">
+<p>
+I use <a href="https://www.passwordstore.org/">pass</a> to manage my passwords, with a different key. pass store passwords in a git repo, you can also store the <code>$GNUPGHOME</code> in a git repo or just in the same repo.
+I have some config like this in my zsh config <code>~/.zshrc.local</code>
+</p>
+<div class="org-src-container">
+<pre class="src src-sh"><span class="org-variable-name">PASSWORD_STORE_DIR</span>=<span class="org-string">"$HOME/passwordstore"</span>
+<span class="org-builtin">alias</span> <span class="org-variable-name">pass</span>=<span class="org-string">"GNUPGHOME=\"$HOME/passwordstore/.gnupg\" PASSWORD_STORE_DIR=\"$HOME/passwordstore\" pass"</span>
+</pre>
+</div>
+</div>
+</div>
</section>
<div id="footnotes">
<h2 class="footnotes">Footnotes: </h2>
<div id="text-footnotes">
<div class="footdef"><sup><a id="fn.1" class="footnum" href="#fnr.1">1</a></sup> <div class="footpara"><p class="footpara">
-The GNU Privacy Guard Manual - <a href="https://www.gnupg.org/documentation//manuals/gnupg/Unattended-GPG-key-generation.html">4.5.4 Unattended key generation</a>
+<a href="https://www.gnupg.org/documentation//manuals/gnupg/Unattended-GPG-key-generation.html">4.5.4 Unattended key generation | The GNU Privacy Guard Manual</a>
</p></div></div>
<div class="footdef"><sup><a id="fn.2" class="footnum" href="#fnr.2">2</a></sup> <div class="footpara"><p class="footpara">
-Debian Wiki - <a href="https://wiki.debian.org/Subkeys">Subkeys</a>
+<a href="https://wiki.debian.org/Subkeys">Subkeys | Debian Wiki</a>
</p></div></div>
diff --git a/.web/blog/rss.xml b/.web/blog/rss.xml
@@ -14,8 +14,8 @@
<link>https://ezup.dev/blog/</link>
<description><![CDATA[]]></description>
<language>en</language>
- <pubDate>Fri, 03 Jul 2020 15:28:53 +0000</pubDate>
- <lastBuildDate>Fri, 03 Jul 2020 15:28:53 +0000</lastBuildDate>
+ <pubDate>Fri, 03 Jul 2020 19:28:44 +0000</pubDate>
+ <lastBuildDate>Fri, 03 Jul 2020 19:28:44 +0000</lastBuildDate>
<generator>Emacs 26.3 Org-mode 9.3.7</generator>
<webMaster>dash@ezup.dev (Dash Eclipse)</webMaster>
<image>
diff --git a/.web/styles/site.css b/.web/styles/site.css
@@ -21,15 +21,18 @@ body {
padding: 0px 15px 0px 15px;
}
h1.title {
- margin-top: 25px;
- font-size: 30px;
+ margin-top: 0.7em;
+ font-size: 32px;
+ }
+ p.subtitle {
+ font-size: 22px;
}
body section.outline-2 h2 {
- margin-top: 20px;
+ margin-top: 5px;
font-size: 23px;
}
body h3 {
- font-size: 19px;
+ font-size: 5px;
margin-top: 21px;
font-weight: bold;
}
@@ -42,10 +45,15 @@ body {
font-size: 18px;
}
}
+p.subtitle {
+ font-size: 17px;
+ margin-top: 1em;
+ margin-bottom: 1.4em;
+}
h2.footnotes {
font-weight: bold;
font-size: 30px;
- margin-bottom: 13px;
+ margin-bottom: 5px;
}
p.footpara {
line-height: 25px;
@@ -53,9 +61,6 @@ p.footpara {
#text-footnotes {
line-height: 0.6;
}
-body h1 {
- font-weight: bold;
-}
body h2,
body h3,
body h4 {
@@ -80,17 +85,18 @@ body h4 img {
border: 0 none;
}
body h1 {
- font-size: 42px;
- margin-top: 37px;
+ font-size: 41px;
+ margin-top: 0.8em;
+ font-weight: bold;
}
body h2 {
- margin-top: 60px;
+ margin-top: 0.9em;
position: relative;
- font-size: 32px;
+ font-size: 35px;
}
body h3 {
- font-size: 22px;
- margin-top: 40px;
+ font-size: 23px;
+ margin-top: 1em;
font-weight: bold;
}
body p {
@@ -108,7 +114,7 @@ body pre {
background: white;
}
body pre.src {
-/* overflow-y: auto !important; */
+ overflow-y: auto !important;
font-size: 16px;
}
body code {
diff --git a/.web/styles/syntax-coloring.css b/.web/styles/syntax-coloring.css
@@ -33,15 +33,15 @@ pre {
pre.src {
position: relative;
overflow: visible;
- padding-top: 1.2em;
+ padding: 0.5em 0 0.5em 0.9em;
}
pre.src:before {
display: none;
position: absolute;
background-color: white;
- top: -10px;
- right: 10px;
- padding: 3px;
+ top: 0px;
+ right: 0px;
+ padding: 2px;
border: 1px solid black;
}
pre.src:hover:before { display: inline;}
@@ -150,7 +150,7 @@ td.org-left { text-align: left; }
td.org-center { text-align: center; }
dt { font-weight: bold; }
.footpara { display: inline; }
-.footdef { margin-bottom: 1em; }
+.footdef { margin-bottom: 0.5em; }
.figure { padding: 1em; }
.figure p { text-align: center; }
.inlinetask {
diff --git a/layouts/head.html b/layouts/head.html
@@ -1,6 +0,0 @@
-<link rel='icon' type='image/x-icon' href='/favicon.svg'/>
-<meta name='viewport' content='width=device-width, initial-scale=1'>
-<link rel='stylesheet' href='/styles/topnav.css' type='text/css'/>
-<link rel='stylesheet' href='/styles/site.css' type='text/css'/>
-<link rel='stylesheet' href='/styles/syntax-coloring.css' type='text/css'/>
-<link rel='alternate' type='application/rss+xml' title='RSS' href='/blog/rss.xml'>
diff --git a/posts/pgp.org b/posts/pgp.org
@@ -3,15 +3,16 @@
#+DATE: [2020-06-30 Tue]
#+email: dash@ezup.dev
#+KEYWORDS: openpgp, pgp, gnupg, gpg, subkey
+#+DESCRIPTION: How do I generate OpenPGP keys and use it
-In this article I'm gonna explain how do I generate OpenPGP keys and use PGP.
+In this article I'm gonna explain how do I generate and use OpenPGP keys.
* Install GnuPG
:PROPERTIES:
:ID: 22D75389-43AB-49A4-B998-B48AF2365397
:PUBDATE: <2020-07-02 Thu 21:30>
:END:
- On macOS you can use brew to install GnuPG ~brew install gnupg~
+ On macOS you can use brew to install GnuPG ~brew install gnupg~, you will also need ~pinentry-mac~ package if you are going to use it with GUI programs such like Thunderbird with Eng
* OpenPGP key generation
:PROPERTIES:
@@ -63,11 +64,29 @@ In this article I'm gonna explain how do I generate OpenPGP keys and use PGP.
rm .gnupg/private-keys-v1.d/<keygrip>.key
gpg --edit-key <key-id> passwd
#+END_SRC
-
+** Thunderbird and Enigmail
+ I use Thunderbird with Enigmail to send and receive PGP encrypted emails, you can follow [[https://ssd.eff.org/en/module/how-use-pgp-mac-os-x][the guide by EFF SSD]] to set it up. Note you need to install ~pinentry-mac~ the package to use GPG with such GUI programs.
+ #+BEGIN_SRC sh
+ brew install pinentry-mac
+ echo 'pinentry-program /usr/local/bin/pinentry-mac' > ~/.gnupg/gpg-agent.conf
+ #+END_SRC
+** Git
+ #+BEGIN_SRC sh
+ git config --global gpg.program $(which gpg)
+ git config --global user.name 'First Last'
+ git config --global user.email 'user@domain.tld'
+ git config --global user.signingkey <signing_subkey_id>
+ git config --global commit.gpgsign true
+ #+END_SRC
+ In case you don't want to sign commits for specific repo, just run ~git config commit.gpgsign false~ in the repo directory.
+** pass (the standard unix password manager)
+ I use [[https://www.passwordstore.org/][pass]] to manage my passwords, with a different key. pass store passwords in a git repo, you can also store the ~$GNUPGHOME~ in a git repo or just in the same repo.
+ I have some config like this in my zsh config ~~/.zshrc.local~
+ #+BEGIN_SRC sh
+ PASSWORD_STORE_DIR="$HOME/passwordstore"
+ alias pass="GNUPGHOME=\"$HOME/passwordstore/.gnupg\" PASSWORD_STORE_DIR=\"$HOME/passwordstore\" pass"
+ #+END_SRC
* Footnotes
- :PROPERTIES:
- :ID: 46766029-46E7-4ADD-9D10-38C588B2B53A
- :PUBDATE: <2020-07-02 Thu 21:30>
- :END:
-[fn:1] The GNU Privacy Guard Manual - [[https://www.gnupg.org/documentation//manuals/gnupg/Unattended-GPG-key-generation.html][4.5.4 Unattended key generation]]
-[fn:2] Debian Wiki - [[https://wiki.debian.org/Subkeys][Subkeys]]
+
+[fn:1] [[https://www.gnupg.org/documentation//manuals/gnupg/Unattended-GPG-key-generation.html][4.5.4 Unattended key generation | The GNU Privacy Guard Manual]]
+[fn:2] [[https://wiki.debian.org/Subkeys][Subkeys | Debian Wiki]]
diff --git a/posts/rss.org b/posts/rss.org
@@ -4,5 +4,5 @@
:PROPERTIES:
:RSS_PERMALINK: pgp.html
:PUBDATE: 2020-06-30
-:ID: 7F047210-D0F1-43B3-8745-96952CD89494
+:ID: EEC9535E-336C-4B21-BA7F-4AF1A05EA31B
:END:
diff --git a/publish.el b/publish.el
@@ -131,6 +131,7 @@ PROJECT is the current project."
(insert (format "* %s\n" title))
(org-set-property "RSS_PERMALINK" link)
(org-set-property "PUBDATE" date)
+ ;;(insert-file-contents file)
(buffer-string))))
((eq style 'tree)
;; Return only last subdir.
diff --git a/styles/site.css b/styles/site.css
@@ -21,15 +21,18 @@ body {
padding: 0px 15px 0px 15px;
}
h1.title {
- margin-top: 25px;
- font-size: 30px;
+ margin-top: 0.7em;
+ font-size: 32px;
+ }
+ p.subtitle {
+ font-size: 22px;
}
body section.outline-2 h2 {
- margin-top: 20px;
+ margin-top: 5px;
font-size: 23px;
}
body h3 {
- font-size: 19px;
+ font-size: 5px;
margin-top: 21px;
font-weight: bold;
}
@@ -42,10 +45,15 @@ body {
font-size: 18px;
}
}
+p.subtitle {
+ font-size: 17px;
+ margin-top: 1em;
+ margin-bottom: 1.4em;
+}
h2.footnotes {
font-weight: bold;
font-size: 30px;
- margin-bottom: 13px;
+ margin-bottom: 5px;
}
p.footpara {
line-height: 25px;
@@ -53,9 +61,6 @@ p.footpara {
#text-footnotes {
line-height: 0.6;
}
-body h1 {
- font-weight: bold;
-}
body h2,
body h3,
body h4 {
@@ -80,17 +85,18 @@ body h4 img {
border: 0 none;
}
body h1 {
- font-size: 42px;
- margin-top: 37px;
+ font-size: 41px;
+ margin-top: 0.8em;
+ font-weight: bold;
}
body h2 {
- margin-top: 60px;
+ margin-top: 0.9em;
position: relative;
- font-size: 32px;
+ font-size: 35px;
}
body h3 {
- font-size: 22px;
- margin-top: 40px;
+ font-size: 23px;
+ margin-top: 1em;
font-weight: bold;
}
body p {
@@ -108,7 +114,7 @@ body pre {
background: white;
}
body pre.src {
-/* overflow-y: auto !important; */
+ overflow-y: auto !important;
font-size: 16px;
}
body code {
diff --git a/styles/syntax-coloring.css b/styles/syntax-coloring.css
@@ -33,15 +33,15 @@ pre {
pre.src {
position: relative;
overflow: visible;
- padding-top: 1.2em;
+ padding: 0.5em 0 0.5em 0.9em;
}
pre.src:before {
display: none;
position: absolute;
background-color: white;
- top: -10px;
- right: 10px;
- padding: 3px;
+ top: 0px;
+ right: 0px;
+ padding: 2px;
border: 1px solid black;
}
pre.src:hover:before { display: inline;}
@@ -150,7 +150,7 @@ td.org-left { text-align: left; }
td.org-center { text-align: center; }
dt { font-weight: bold; }
.footpara { display: inline; }
-.footdef { margin-bottom: 1em; }
+.footdef { margin-bottom: 0.5em; }
.figure { padding: 1em; }
.figure p { text-align: center; }
.inlinetask {
