Commit Graph

96 Commits

Author SHA1 Message Date
09bc23fb15
keys: add forgotten 0x440D764E4F4A6C2D.asc 2020-03-15 19:52:14 +02:00
2418a8735e
.mikaela/ssh: add Unicus WTOP
It's more practical to have it here and no others will be having access
to the OpenPGP/SSH keys
2020-03-15 19:48:54 +02:00
0a106c7d34
gpg.conf: fill in WTOP
As I have different user account for WTOP anyway, it's easier to have
it configured and easy to uncomment.
2020-03-15 19:45:59 +02:00
80388db5e7
gpg.conf: replace local-user with default-key 2020-03-13 19:25:17 +02:00
559a0c99d1
gpg.conf: add show-policy-urls to list-options 2020-03-11 14:57:22 +02:00
99299798cc
gpg.conf: add the sender option 2020-02-26 15:02:27 +02:00
ec9206ce5d
gpg.conf: fix local-user/encrypt-to
Resolves: #61
2020-02-26 14:53:52 +02:00
e2864daf2a
update PrivacyTools groupline (Jonah's key) 2020-02-26 14:48:03 +02:00
8b8a92c7bc
0x99392F62BAE30723.asc: update with subkey 2020-02-18 17:02:00 +02:00
30bf67be46
gpg.conf: with-keygrip 2020-02-18 01:55:29 +02:00
79fce8ec02
keys/ssh: replace WTOP with gpg 2020-02-18 01:25:24 +02:00
1d2cb235d2
begin cleaning up bash/zshrcs 2020-02-13 14:14:33 +02:00
66e56453ad
.mikaela: throw .signature to git as signature 2020-02-11 14:48:54 +02:00
eb748c60fc
gpg: add show-keyring,show-sig-expire to list-options
Resolves: #52
2020-02-10 23:29:31 +02:00
968db01ee0
.mikaela/gpg.conf: add group support@privacytools.io 2020-01-31 11:00:57 +02:00
3e9dd19232
gpg.conf: disable TOFU's positive trust
As I have the pgp-alt-wot repository and am building my own Web of
Trust and lsign, I have no reason to have positive trust values.
2020-01-30 20:23:16 +02:00
4b09dd466e
gpg.conf: restore encrypt-to lines 2019-12-11 12:46:33 +02:00
7658e354ba
gpg.conf: enable dane key locating 2019-12-11 12:46:33 +02:00
024284af0d
gitconfig: force gpg2 + sign annotated tags 2019-12-11 12:46:32 +02:00
Mikaela Suomalainen
4be60dbd19
gpg.conf: keyserver-option no-self-sigs-only
Fixes `gpg --fetch-keys` for my workflow plan of attempting to fetch my
signatures on keys I trust from somewhat trustworthy place.
2019-12-10 13:56:55 +02:00
ca1bebb094
gpg.conf: trusted-key, cert levels, cert expiry 2019-12-07 19:02:23 +02:00
0e0ce5216f
gpg.conf: use local-user instead of default-key 2019-12-07 00:18:29 +02:00
fd93def2f3
gpg.conf: enable TOFU 2019-12-06 23:23:36 +02:00
9026e8035d
gpg.conf: add wkd hashes
as I seem to use them increasingly often
2019-12-06 20:55:58 +02:00
a79c183f86
gpg.conf: no keyserver options, document confusion 2019-12-06 20:22:32 +02:00
77344b444e
gpg.conf: note keyserver-options reason + remove old comment 2019-12-06 19:44:49 +02:00
fc4a1c55bf
gpg.conf: put the default key on top 2019-12-06 19:41:24 +02:00
d4885fbf6c
gpg.conf: heavy cleanup 2019-12-06 19:40:00 +02:00
9721197067
gpg: add auto-key-retrieve 2019-12-05 14:51:13 +02:00
0e0cf2f458
gpg.conf: adjust keyserver-options & auto-key-locate 2019-12-03 00:48:35 +02:00
78d5d9a33a
gpg.conf: export-minimal -> export-clean
Partially reverts 0130d0b512 &
4c088c29ea

It appears that some sort of WoT is still necessary for me and it may
not be as dead as I declared it four months ago.
2019-12-02 21:18:59 +02:00
efd25e8390
0x99392F62BAE30723.asc: add two uids 2019-12-01 20:55:18 +02:00
2d1c3c2f9f
.mikaela/keys: update PGP keys 2019-11-24 10:56:12 +02:00
3560b625cb
update gitconfig to include the new key 2019-11-23 23:30:06 +02:00
36038cddee
gpg: move to 0x99392F62BAE30723 2019-11-23 23:19:53 +02:00
Mikaela Suomalainen
16f5e3b200
Add my work try-out-practice GPG key 2019-11-20 11:15:39 +02:00
32f4ba3c58
ssh keys: add work try-out-practice key
This key will be on my work try-out-practice device and is going to be
deprecated after it's over.
2019-11-07 21:45:05 +02:00
b71c9c8e18
ssh: deprecate Nokia 1 key
I have no idea what the password is.
2019-11-07 21:44:19 +02:00
cf5b532dc0
ssh keys: deprecate the RSA key
I hope it won't be needed anywhere anymore as I have been using the
other one for ages. I am making this as an separate commit for easy
reverting in case I am wrong.
2019-11-07 21:43:28 +02:00
f0a768ad19
gpg.conf: add no-emit-version
Closes: #20
2019-08-26 20:35:43 +03:00
4c088c29ea
gpg.conf: import-clean for cases like Tails
Context: https://tails.boum.org/install/expert/usb/index.en.html
2019-08-01 14:08:40 +03:00
0130d0b512
gpg.conf: declare WoT dead & no-comments
* export-clean & import-clean are now done
* my gpg won't output the comments anymore

Resolves: #125
2019-08-01 12:21:00 +03:00
fa0478d82b
update the PGP key
ref: #119
2019-07-01 11:57:58 +03:00
a7b1880469
gpg: use keys.openpgp.org
Closes #119
2019-07-01 11:47:27 +03:00
95bcf095df
VerifyHostKeyByDNS is supposed to be yes
fix previous commit, I imagine I changed it by accident.
2019-05-11 00:58:00 +03:00
e634ee8863
ssh_config: update comment for VerifyHostKeyDNS
OpenSSH is evil and gives you three not-optimal options to this:

A) trust DNSSEC and don't write known_hosts
B) ask whether to trust DNS, but don't bother telling me if it's signed
C) don't even check SSHFP

I see A) as the least evil, but I wish known_hosts was written.
Alternatively B) should tell me whether there is DNSSEC or not, not
only "matching keys found from DNS" or whatever it says always.
2019-05-09 18:44:36 +03:00
4061d3daa2
.mikaela/keys/ssh: add Nokia1 key
goal: not have it on any other device and use it for emergency access on
my most used hosts.
2018-12-16 23:42:36 +02:00
492cac7158
Revert "ssh_config: controlpersist auto instead of on"
This reverts commit 330e8a80ad.

I got complaining about bad value
2018-10-11 13:45:31 +03:00
330e8a80ad
ssh_config: controlpersist auto instead of on
just in case that would be used for tracking and hoping that SSH is
clever enough.
2018-10-07 21:12:08 +03:00
b8bda9cf49
ssh_config: use more private ControlPath 2018-10-07 20:54:41 +03:00