SSH and GPG public keys for Tétras Libre collaborators
SSH
SSH is used for Git access, among other things.
Creating SSH key
ssh-keygen -t ed25519 -f ~/.ssh/<your-name>_ed25519If necessary, you can use the traditional RSA key type, instead of Ed25519, just use -t rsa instead and <your-name>_rsa for the key name.
From the Arch Linux wiki page:
You can also add an optional comment to the public key with the
-Cswitch, to more easily identify it in places such as~/.ssh/known_hosts[...]. For example:
-C "$(whoami)@$(uname -n)-$(date -I)"will add a comment saying which user created the key on which machine and when (like
user@machine-2023-08-14)
Adding key to the repo
Simply copy your key from ~/.ssh/ to the repo's SSH folder.
Be careful to add the .pub key and not your private key!
GPG
GPG is used for pass
Creating GPG key
gpg --generate-keyand follow dialog.
Add key of Tétras Libre collaborators
To import a gpg key, use gpg --import <key file>. To import all keys, go to GPG folder and use gpg --import *
After that, you need to edit confidence of the key. For this, use gpg --edit-key <keyName> and use trust command in gpg (gpg>trust)
Answer the response to add the confidence 5 - ultimate. Use quit to leave.
Export the key
Find the ID of your key, for example with
gpg --list-keys | grep -i -B 2 <your name>Then export it
gpg --export --armor --output '<your.email@tetras-libre.fr_pub.asc' <key id>Finally copy the .asc key file to the GPG folder (if it's not already there)
Pass
Check manually if key is valid for pass
- Clone pass repository
gpg -d /path/to/key/in/pass/key.gpg.
If the result is "No secret key", check in the pass repository if everything is ok :
- Last version of the repo (in case of force push)
- Use QTPass or cli to add concerned key
Add new key to pass
- Pull the repo
- Add the new public GPG in your gpg
- Check if Pass(QTPass) is set to encrypt passwords with the new key in addition of the existing