Use variable to store Key ID

This commit is contained in:
drduh 2016-05-09 02:47:16 +00:00
parent 1c16d968e9
commit da1ce278c6
1 changed files with 15 additions and 10 deletions

View File

@ -16,6 +16,7 @@ If you have a comment or suggestion, please open an [issue](https://github.com/d
- [Create temporary working directory for GPG](#create-temporary-working-directory-for-gpg) - [Create temporary working directory for GPG](#create-temporary-working-directory-for-gpg)
- [Create configuration](#create-configuration) - [Create configuration](#create-configuration)
- [Create master key](#create-master-key) - [Create master key](#create-master-key)
- [Save Key ID](#save-key-id)
- [Create revocation certificate](#create-revocation-certificate) - [Create revocation certificate](#create-revocation-certificate)
- [Back up master key](#back-up-master-key) - [Back up master key](#back-up-master-key)
- [Create subkeys](#create-subkeys) - [Create subkeys](#create-subkeys)
@ -146,9 +147,13 @@ Consider purchasing a pair and programming both in case of loss or damage to one
Note that this key cannot be used for encryption. You may want to use Note that this key cannot be used for encryption. You may want to use
the command "--edit-key" to generate a subkey for this purpose. the command "--edit-key" to generate a subkey for this purpose.
## Save Key ID
$ KEYID=0x47FE984F98EE7407
## Create revocation certificate ## Create revocation certificate
$ gpg --gen-revoke 0x47FE984F98EE7407 > $GNUPGHOME/revoke.txt $ gpg --gen-revoke $KEYID > $GNUPGHOME/revoke.txt
sec 4096R/0x47FE984F98EE7407 2016-01-30 Doctor Duh <drduh@users.noreply.github.com> sec 4096R/0x47FE984F98EE7407 2016-01-30 Doctor Duh <drduh@users.noreply.github.com>
@ -182,11 +187,11 @@ Consider purchasing a pair and programming both in case of loss or damage to one
## Back up master key ## Back up master key
$ gpg --armor --export-secret-keys 0x47FE984F98EE7407 > $GNUPGHOME/master.key $ gpg --armor --export-secret-keys $KEYID > $GNUPGHOME/master.key
## Create subkeys ## Create subkeys
$ gpg --expert --edit-key 0x47FE984F98EE7407 $ gpg --expert --edit-key $KEYID
Secret key is available. Secret key is available.
@ -391,9 +396,9 @@ Consider purchasing a pair and programming both in case of loss or damage to one
## Export subkeys ## Export subkeys
$ gpg --armor --export-secret-keys 0x47FE984F98EE7407 > $GNUPGHOME/mastersub.key $ gpg --armor --export-secret-keys $KEYID > $GNUPGHOME/mastersub.key
$ gpg --armor --export-secret-subkeys 0x47FE984F98EE7407 > $GNUPGHOME/sub.key $ gpg --armor --export-secret-subkeys $KEYID > $GNUPGHOME/sub.key
## Back up everything ## Back up everything
@ -620,7 +625,7 @@ The default PIN codes are `12345678` and `123456`
Transfering keys to YubiKey is a one-way operation only: make sure you've made a backup before proceeding! Transfering keys to YubiKey is a one-way operation only: make sure you've made a backup before proceeding!
$ gpg --edit-key 0x47FE984F98EE7407 $ gpg --edit-key $KEYID
Secret key is available. Secret key is available.
@ -782,7 +787,7 @@ Type `key 1` again to deselect and `key 2` to switch to the next key.
## Export public key ## Export public key
$ gpg --armor --export 0x47FE984F98EE7407 > /mnt/public-usb-key/ $ gpg --armor --export $KEYID > /mnt/public-usb-key/
# Using keys # Using keys
@ -826,7 +831,7 @@ Type `key 1` again to deselect and `key 2` to switch to the next key.
## Trust master key ## Trust master key
$ gpg --edit-key 0x47FE984F98EE7407 $ gpg --edit-key $KEYID
Secret key is available. Secret key is available.
@ -904,7 +909,7 @@ Type `key 1` again to deselect and `key 2` to switch to the next key.
### Encryption/decryption ### Encryption/decryption
$ echo "$(uname -a)" | gpg --encrypt --armor -r 0x47FE984F98EE7407 | gpg --decrypt --armor $ echo "$(uname -a)" | gpg --encrypt --armor -r $KEYID | gpg --decrypt --armor
Please enter the PIN Please enter the PIN
gpg: encrypted with 4096-bit RSA key, ID 0x39988E0390CB4B0C, created 2016-01-30 gpg: encrypted with 4096-bit RSA key, ID 0x39988E0390CB4B0C, created 2016-01-30
@ -913,7 +918,7 @@ Type `key 1` again to deselect and `key 2` to switch to the next key.
### Signing ### Signing
$ echo "$(uname -a)" | gpg --encrypt --armor --sign -r 0x47FE984F98EE7407 $ echo "$(uname -a)" | gpg --encrypt --armor --sign -r $KEYID
gpg: signatures created so far: 0 gpg: signatures created so far: 0
Please enter the PIN Please enter the PIN