![]() ![]() push-secret Push an encrypted copy of the secret key to the server. i, -infile Specify an infile (stdin by default). To also automatically push/sync your secret to keybase (so you can then use it on other linked devices) you can use -push-secret: ⇒ keybase pgp import -help So to export your secret keys, and import them into your local keybase keyring: gpg -armor -export-secret-keys MYSECRETKEYID | keybase pgp import` This is normally not very useful and is a security risk since private keys are left unprotected. This is the same as the command export, but private keys are exported instead of public keys. Just came across this issue myself, and found that the correct args to use aren't shown in the standard gpg -help text: ⇒ gpg -help | grep exportīut you can see the (very limited) help text for it here:Įxport-secret-keys - export secret keys export-secret-keys name. I can speculate to the answers myself, but since it's important stuff I'd rather ask, to be sure. Any other specific risks or things I should be aware of? I want to make very sure my PGP private key remains my own.Does option 2 mean you need to have your private key in a file at your current location? Is the file typically protected with your passphrase?.Does either option 1 or 2 give permanent access for the Keybase app to my PGP private key? Or is it just one time to sign a proof that the public key is mine?.#import from stdin and send the public half to KeybaseĪt first, I thought that they were 3 instructions to be followed in order, but then I realized they were 3 different main things you could do.Ĭan someone explain in basic terms (I know the basics of PGP and public/private key pairs) what the first two options entail behind the scenes? Instead, what I find is this: # import a key from gpg's key chain I had expected instructions to PGP-sign a specific text from the Keybase (Windows) app and re-upload that signed data (base64 or some such). You can also use the private Keybase repository alongside an existing repository by adding it as an additional remote: git remote add private keybase://team/faculty_secrets/secretsįrom keybase://team/faculty_secrets/secretsĪll of this can also be managed from the command line interface.I've created a Keybase account and imported the "easy" identities (e.g. From there, you can use it as you would any other Git repository: git clone keybase://team/faculty_secrets/secretsĬryptographic cloning: (100.00%) 77.01/77.01 KB. ![]() On the command line, or in your Git UI tool of choice ( GitHub Desktop works, for example), use this address to clone the repository. It will look something like this: keybase://team/Mary_Poppins_Bag/secrets ![]() Once you’ve created a repository (or selected an existing one), there is a Clone: field that shows you the address you’ll use to access this repository. You can make it your own personal repository or share it with a team. Navigate to Git and select New Repository. This prevents two people (or two devices controlled by the same person) from overwriting each others’ changes and causing conflicts. With first-class Git repositories, Keybase knows to lock your repository when necessary. Using Git repositories in Keybase (or via the command line) is better than just hosting your local Git repositories in Keybase Files. You can be sure that your team members did indeed push the changes that the Git history log says they did. This also means that every time you or a member of your team pushes or pulls (or clones) data to or from one of these repositories, all writes are verified by your private keys, which never leave your device. This means that your data is encrypted-not even Keybase can see what’s in there (nor its name, the filenames, your other configuration-nothing). Keybase has created an open source remote helper that facilitates this interaction, keeping the data in your repository within your control via your local Keybase app. ![]() This allows Git itself to interface with datastores other than the local filesystem. Under the hood, Git supports remote helpers. (How dare they?!) All of your data is automatically encrypted and verified. You can be certain they’re safe, not only from prying eyes, but also from malicious people who might try to change your code. 03 Files Share and store photos, videos, and documents. 02 Chat Share messages and files with anyone. 01 Your Account Keybase accounts are trustworthy and secure. If you see something that needs improvement, create a new pull request or a new issue on GitHub. They’re 100% private, encrypted, and verified. Like Keybase, Keybase Book is open source. These repositories are real Git repositories but you can view them in the Keybase app. You can put any kind of content in these repositories, but they’re especially useful for personal private repos or for secret content shared among teams. Keybase supports free, encrypted, authenticated, and private Git repositories. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |