<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></head><body>
<div>Ed Snowden and Ken Fallon of HPR send gpg-encrypted email.</div><div><br></div><div>Does that count?</div><div><br></div><div id="composer_signature"><div style="font-size:85%;color:#575757">Sent from my Verizon Wireless 4G LTE smartphone</div></div><br><br>-------- Original message --------<br>From: "David L. Anselmi" <anselmi@anselmi.us> <br>Date: 3/31/2016 6:11 PM (GMT-07:00) <br>To: CLUE <clue@cluedenver.org> <br>Subject: [clue] gpg applications. <br><br>Anyone have any apps they use somewhat regularly with gpg keys? Seems like I get motivated to do <br>gpg, create a key, and then never use it again.<br><br>If I were a Debian developer I'd sign packages to upload. But I'm not.<br><br>I guess git commits can be signed. But I don't use any repositories that do that (except perhaps <br>propellor in the near future, which is what brings it to mind).<br><br>Oh, I might have a cert I got from StartSSL. At the moment it's good for logging into their system <br>to get to some web server certs I use. I'm not sure it can be used with gpg though, just with things <br>that want a CA signed cert.<br><br>What else?<br><br>I use SSH keys regularly, to access all my machines, and at work to access machines, do git <br>push/pull, and to use SFTP.<br><br>Maybe I should figure out how to use a gpg key with SSH. (It looks like that might be really easy <br>with gpg 2.1. Wow it took a long time to get there.)<br><br><tangent><br>At work we have servers that can generate X.509 and PGP key pairs. The private keys get used <br>entirely within the server and no one gets to see them.<br><br>The PGP keys are used to decrypt files people send us, when they want the files encrypted.<br><br>I don't think the X.509 certificates ever get used. But it happens that the page that shows the cert <br>also shows the public key in SSH2 format. So we use that when the server needs to authenticate an <br>SFTP connection. And we usually have to convert it to OpenSSH format because that's all anyone uses <br>and the people who install the public keys don't know how to do it.<br></tangent><br><br>Maybe between propellor and ssh I'll get good enough at gpg to actually have a key worth sharing.<br><br>Dave<br>_______________________________________________<br>clue mailing list: clue@cluedenver.org<br>For information, account preferences, or to unsubscribe see:<br>http://cluedenver.org/mailman/listinfo/clue<br></body></html>