migrate_to_testing_wiki #8

Merged
alangm merged 61 commits from tcooper/testing-wiki:migrate_to_testing_wiki into main 2024-04-26 01:34:01 +00:00
Showing only changes of commit 13b503f79c - Show all commits

View File

@ -43,24 +43,20 @@ Export the *primary keypair* (put these somewhere very safe along with revocatio
gpg --export --armor my@email.addr > my_email_addr.public.gpg-key
# Remove the *primary keypair* from your keyring
Export all subkeys from the new keypair to a file - use ramfs instead of tmpfs/ or /dev/shm/ because ramfs doesn't write to swap
1. Export all subkeys from the new keypair to a file
mkdir /tmp/gpg
sudo mount -t ramfs -o size=1M ramfs /tmp/gpg
sudo chown $(logname):$(logname) /tmp/gpg
gpg --export-secret-subkeys my@email.addr > /tmp/gpg/subkeys
gpg --export-secret-subkeys my@email.addr > $HOME/.gnupg/subkeys
Delete original signing subkey from keypair in our keyring
1. Delete primary key from keyring - *BE SURE TO BACK UP YOUR PRIMARY KEYPAIR FIRST!*
gpg --delete-secret-key my@email.addr
Re-import the previously exported keys
1. Re-import the previously exported keys
gpg --import /tmp/gpg/subkeys
sudo umount /tmp/gpg
rmdir /tmp/gpg
gpg --import $HOME/.gnupg/subkeys
1. Look for `sec#` instead of `sec` in the output - pound sign means signing subkey is *not* in the keypair located in the keyring
Look for `sec#` instead of `sec` in the output - pound sign means signing subkey is *not* in the keypair located in the keyring
gpg --list-secret-keys $HOME/.gnupg/secring.gpg
# Revoking a *signing keypair*