content: Add gpg cheatsheet page

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-04-21 20:37:47 +02:00 · 2023-04-21 20:37:47 +02:00 · 4c74bd5b51
parent 93201323dd
commit 4c74bd5b51
3 changed files with 86 additions and 14 deletions
--- a/config.yml
+++ b/config.yml
@ -4,3 +4,8 @@ languageCode: en-us
 title: Christoph Heiss
 theme: hacker
 enableRobotsTXT: true
+
+markup:
+  highlight:
+    lineNos: true
+    anchorLineNos: true
--- a/content/gpg-cheatsheet.md
+++ b/content/gpg-cheatsheet.md
@ -0,0 +1,76 @@
+---
+title: gpg cheatsheet
+date: 2023-04-21T16:40:56+02:00
+---
+
+### List secret key with all subkeys:
+```shell {lineanchors=list}
+$ gpg --list-secret-keys --keyid-format long
+```
+
+### Add a new subkey:
+```shell {lineanchors=add}
+$ gpg --edit-key <masterkey-id>
+gpg> addkey
+...
+gpg> save
+```
+
+### Transfer subkey to other workstation:
+```shell {lineanchors=transfer}
+$ gpg --export --armor <masterkey-id> >masterkey-public.asc
+$ gpg --export-secret-key --armor <subkey-id>! >subkey-private.asc
+# on the target machine:
+$ gpg --import masterkey-public.asc
+$ gpg --import subkey-private.asc
+# afterwards, shred the private key securely:
+shred -u subkey-private.asc
+```
+
+### Or, transfer over ssh directly (might not work depending on setup):
+```shell {lineanchors=transfer-ssh}
+$ gpg --export --armor <masterkey-id> \
+    | ssh <target-host> 'gpg --import'
+$ gpg --export-secret-key --armor <subkey-id>! \
+    | ssh <target-host> 'gpg --import'
+```
+
+### Check what keys are available on target:
+```shell {lineanchors=check}
+$ gpg --list-secret-keys --with-keygrip
+```
+
+### If the secret master key (`sec`) is available (no `#` suffix), delete it:
+```shell {lineanchors=delete-sec}
+$ gpg-connect-agent 'DELETE_KEY <master-keygrip>' /bye
+```
+
+### Reorder UID priorities:
+```shell {lineanchors=reorder}
+# Suppose Bob has these three identities, in that order:
+[ unknown] (1). Bob <bob@example.com>
+[ unknown] (2)  Bob (work) <bob@example.company>
+[ unknown] (3)  Bob (git) <code@example.com>
+
+# But now Bob wants to have them in this order:
+[ unknown] (1). Bob <bob@example.com>
+[ unknown] (2)  Bob (git) <code@example.com>
+[ unknown] (3)  Bob (work) <bob@example.company>
+
+# The dot after the number in parentheses indicates the
+# currently selected key.
+
+# Now, to reorder:
+$ gpg --edit-key ...
+gpg> uid 2
+gpg> primary
+gpg> save
+$ gpg --edit-key ...
+gpg> uid 3 # uid of next in order
+gpg> primary
+gpg> save
+# Repeat as often as needed, in reverse order they should appear in.
+```
+
+### Some more useful links/explanations:
+- [How to un-revoke an key/uid](https://lists.gnupg.org/pipermail/gnupg-users/2007-April/030724.html)
--- a/themes/hacker/assets/scss/main.scss
+++ b/themes/hacker/assets/scss/main.scss
@ -34,8 +34,10 @@ h1 {
  font-size: 24pt;
 }

-h2 {
-  margin: 1em 0 .5em 0;
+h3 {
+  margin: 1em 0 .2em .5em;
+  font-size: 12pt;
+  font-weight: 500;
 }

 p {
@ -80,6 +82,7 @@ footer {
  color: var(--text-low-noise);
  border-top: 1px var(--text);
  margin-top: 4em;
+  margin-bottom: 2em;
  float: right;
 }

@ -96,15 +99,3 @@ a {
    background-color: var(--link);
  }
 }
-
-code, pre {
-  font-family: monospace, monospace;
-  font-size: .8em;
-  color: var(--code);
-  line-height: 1.25;
-}
-
-pre {
-  margin-top: .25em;
-  margin-left: 1.5em;
-}