1
Haxk20
34d

Everyone please drop into the comments and drop there your public PGP key. I hope like this we can implement kind of PM system on devRant. If you are new to PGP please dont share your private key. Keep that one as or even more safe then your heart. (Not even your wife or GF need to know this key. ONLY YOU know it)
Lets get this started.
Also if the message is too long please paste it to pastebin or other site like that.

Comments
  • 2
  • 4
    Its not gonna be so PM when we got @wisecrack
  • 0
    The heck is PGP
  • 5
    @Ranchu Literally Pretty Good Privacy
  • 1
    @theuser Im mean if he can crack 2048 bit RSA key in doable time then sure but i doubt it.
  • 3
    @Haxk20
    I'm pretty sure he said he made a mistake and wasn't able to factorize the number.
  • 2
  • 1
    Guys I need your suggestion please. I generated my PGP key pair but was concerned about my private key storage. So what i did was, took the sha256 of my private key aside and modified few characters inside the key text at certain special places and memorized it, I will put this tempered key file on onedrive. So that I don't loose that. Is this a nice way to store it or just a dumb thing to do?
  • 3
    @jskid I hope you meant aes256 (the encryption algorythm) and not sha256 (the hashing algorithm), otherwise that hashed text is useless (because hashing functions only go one way, you cannot recover the original text from the hash).
    And either way, it's not very useful anyway: pgp private keys are (or at least: should be) stored encrypted, that's why it asks for a passphrase when you create the key.
    As long as your passphrase is strong, your private key is secure - that's kind of the whole point.
  • 1
    @Haxk20
    this is going to be a pain in the ass for us folk who use the devRant app and cant copy text.

    but what ever :D
    https://c0d4.xyz/openPGP/c0d4

    -----BEGIN PGP MESSAGE-----

    hQEMAyi+ZAQKP57MAQgAs+IMRhrpTHClz4zKdoHAKqfOLEQsQDRGNGxdAUZdwIof
    kjT4XZBFyqoZOErYrghURJR2mM8tYObsfLa62gDfv8CX6nKc7LzYe6OMaqmoq3I+
    3b/qH1ynz+yanwcQlGx7nYCOVa4APuE/NJVYOGFXjZaZ50CMKfwHCp8yCQwYF+/b
    i8Bgl75k+38p66GWUR4DvItwqedINNEYZMKwprz3UTo1TJq4gSQWLqKcNt21C9YE
    iNNml41+FqFHZHsqFBR3VE/bHRPdfX/TIKcb4APG2jzw8DDPKfgFmRnuJa4uBIkl
    WPSWBJDSyIlSRDIB6gltekV6ks7Vwh1dyj9j2lnpR9LA6wGLaAtCoa4g47EN68G+
    5UG46xgr7L/ardwE7QPvgZkwLuRkMj4eN4Ugt//N91darxOtP6IL433PIg2+ncr9
    55stDl0PXBRwFHw1LSNPRKD43qpFUDWhNfurtSc+hv9jKWk8NYrNsKyi280H9kxQ
    u77oPv+obsz8q58DFIICou0wvGR1CTxEf3NHYhmMDEFW9hJuO8zFIhPpuCF4Q4W0
    WE/jmtDWfq/t5f7o8lIaXHRp8qWbVuGoxC6fptGUDdOLlrCw2tpBBe321xYZKUo0
    DH9I09a+XfRH4fp4vZW+Ah6m5dJo3wHPyqDNRYKANGWu8ZgWVpid8O6GlzMN5yKN
    O+TMvsQq8lvYlgChpuqvEpaYLuCTV641M1FT/RbP+1/tCmqyW5+zQRe0+FpcRuQ6
    2EG4CVWG35hNWOfd6mOjq5idmnnmOQVkArpO6QiLrl9tz5FO3Y2CrB+vYrXs6fro
    cYHlqjDMV7NPGQ/Y/VvKvrYKenxCQtUXs3hDIJfA7kqU7mzst+LQhi2XWbWFLryj
    i9o8Wri3XiR9Iu1rD27opEYe+QKtNDg09wQi+F0=
    =xz4S
    -----END PGP MESSAGE-----
  • 3
    @endor no I meant sha256 but in a different context. Sorry for my bad english.

    I meant before I temper with my Private Key I will take a sha256 of my original Pvt key to check its integrity later when I pull back my tempered Pvt key from onedrive, make, necessary changes that I already memorised and make sure with sha256 that I got it right.

    Makes sense?
  • 1
    @jskid There is a way to (securely) print it. After that put it in a bank safe if you have one.
    To regenerate from the paper you need a your normal passphrase.
    https://jabberwocky.com/software/...
  • 1
    @C0D4 IDK if that message was for me but well you probably still have my old PGP key. I have new one since well reasons.

    Here is the new one: https://pastebin.com/6mJJVDFb
  • 1
    @Haxk20 don't I feel like an idiot now 😂
  • 1
    @C0D4 haha sorry.
  • 1
    @Haxk20
    Great now i need to use the web version ☺

    https://pastebin.com/raw/ga0UFzWH
  • 1
  • 0
  • 2
    @jskid ah, that makes sense, but you have to really trust your memory - otherwise, if you forget how to restore the tampered file, you're screwed.

    Why not just encrypt the (already encrypted) private key file with AES and a different password - that way, nobody knows that the shared file contains a pgp secret key in the first place (make sure you change the file name and extension to something different, gpg does not care about file extensions anyway).

    You can do this with the command gpg --symmetric
  • 2
    @Haxk20 I would like to answer, but gpg keeps insisting my Yubikey does not have the private key (fascinatingly I can sign messages).
  • 1
    @endor well that's a much better way to do it, I'll go with that. Thank you🙂
  • 2
    @Haxk20 ok this may not work.. think I need to find a mobile pgp app otherwise a message a day is going to be slow as hell 😂
  • 1
    @C0D4 i have scrips LuL and well mobile app.
  • 2
    @C0D4 maybe this? OpenKeychain: Easy PGP https://f-droid.org/app/...

    (Disclaimer: I have not used this app nor do I know anything about it - user discretion is advised)
  • 1
    @endor I'm going to have a hard time porting it to iOS, but thanks for the suggestion.

    There's a couple of shitty ones in the AppStore.
Add Comment