[clue] gpg applications.

Mike Shoup mike at shouptech.com
Thu Mar 31 18:57:24 MDT 2016


At work, we have a GPG key that we use to sign custom built RPMs for our
Red Hat boxes. That's really the only use I've had for one.

Mike Shoup
On Mar 31, 2016 6:48 PM, "David L. Willson" <DLWillson at thegeek.nu> wrote:

> Ed Snowden and Ken Fallon of HPR send gpg-encrypted email.
>
> Does that count?
>
> Sent from my Verizon Wireless 4G LTE smartphone
>
>
> -------- Original message --------
> From: "David L. Anselmi" <anselmi at anselmi.us>
> Date: 3/31/2016 6:11 PM (GMT-07:00)
> To: CLUE <clue at cluedenver.org>
> Subject: [clue] gpg applications.
>
> Anyone have any apps they use somewhat regularly with gpg keys? Seems like
> I get motivated to do
> gpg, create a key, and then never use it again.
>
> If I were a Debian developer I'd sign packages to upload. But I'm not.
>
> I guess git commits can be signed. But I don't use any repositories that
> do that (except perhaps
> propellor in the near future, which is what brings it to mind).
>
> Oh, I might have a cert I got from StartSSL. At the moment it's good for
> logging into their system
> to get to some web server certs I use. I'm not sure it can be used with
> gpg though, just with things
> that want a CA signed cert.
>
> What else?
>
> I use SSH keys regularly, to access all my machines, and at work to access
> machines, do git
> push/pull, and to use SFTP.
>
> Maybe I should figure out how to use a gpg key with SSH. (It looks like
> that might be really easy
> with gpg 2.1. Wow it took a long time to get there.)
>
> <tangent>
> At work we have servers that can generate X.509 and PGP key pairs. The
> private keys get used
> entirely within the server and no one gets to see them.
>
> The PGP keys are used to decrypt files people send us, when they want the
> files encrypted.
>
> I don't think the X.509 certificates ever get used. But it happens that
> the page that shows the cert
> also shows the public key in SSH2 format. So we use that when the server
> needs to authenticate an
> SFTP connection. And we usually have to convert it to OpenSSH format
> because that's all anyone uses
> and the people who install the public keys don't know how to do it.
> </tangent>
>
> Maybe between propellor and ssh I'll get good enough at gpg to actually
> have a key worth sharing.
>
> Dave
> _______________________________________________
> clue mailing list: clue at cluedenver.org
> For information, account preferences, or to unsubscribe see:
> http://cluedenver.org/mailman/listinfo/clue
>
> _______________________________________________
> clue mailing list: clue at cluedenver.org
> For information, account preferences, or to unsubscribe see:
> http://cluedenver.org/mailman/listinfo/clue
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cluedenver.org/pipermail/clue/attachments/20160331/a681029b/attachment.html 


More information about the clue mailing list