Who Let The Dogs Out 🐾2d ago

Create Your Own PicoKey - Nought

https://lyzhang.me/de/pico_key/

> TLDR For just 60 RMB, get an RP2350 development board, flash it with the PicoKey firmware, and you can create your own open-source hardware security key to use as a budget YubiKey.

It supports FIDO2 login and OpenPGP, but the hardware login and encryption functions cannot be used simultaneously.
The steps are simple: buy the board → download the firmware → hold the BOOT button while plugging it into your computer to flash the firmware → initialize via the web config page → done.

Perfect for cheapskates (like me) who don’t want to spend hundreds on a YubiKey but still want to play with hardware keys.

#raspberrypi #diy #yubikey #openpgp

Create Your Own PicoKey

TLDR For just 60 RMB, get an RP2350 development board, flash it with the PicoKey firmware, and you can create your own open-source hardware security key to use as a budget YubiKey. It supports FIDO2 login and OpenPGP, but the hardware login and encryption functions cannot be used simultaneously. The steps are simple: buy the board → download the firmware → hold the BOOT button while plugging it into your computer to flash the firmware → initialize via the web config page → done. Perfect for cheapskates (like me) who don’t want to spend hundreds on a YubiKey but still want to play with hardware keys.

Nought
PGPkeys EU5d ago

Good news! The HKP draft has been adopted by the IETF #OpenPGP Working Group, the first official step towards publication as an RFC 🤩

It is now known as draft-IETF-openpgp-hkp, which replaces draft-gallagher-openpgp-hkp, which itself replaced draft-shaw-openpgp-hkp.

It has been a long couple of decades 😂

https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-hkp

OpenPGP HTTP Keyserver Protocol

This document specifies a series of conventions to implement an OpenPGP keyserver using the Hypertext Transfer Protocol (HTTP). As this document is a codification and extension of a protocol that is already in wide use, strict attention is paid to backward compatibility with these existing implementations.

IETF Datatracker
🐈‍⬛David Sommerseth6d ago

Playing around with Sequoia-PGP again. And it just strikes me how easy it makes it. This time I played with sqop instead of sq.

$ sqop generate-key > key.asc
$ cat file | sqop encrypt key.pub > file.asc
$ cat file.asc | sqop decrypt key.asc > file2
$ sha256sum file file2 | cut -d\ -f1 | uniq -c
2 34fbc467b8c62...

Try doing that gpg without needing any $HOME/.gnupg directory. And then try putting that in a script run by some locked-down user via a cron job.

(I know this should be signed as well, not dug into that yet.)

#openpgp #pgp #gpg #gnupq #sequoia #sq #sqop #encryption

Show threadKushal Das   🇸🇪6d ago
@dazo You will find a lot of bugs or missing features, we are slowly adding them. I have a branch right now about #openpgp support.
u880dMay 20
Gerade #debiantrixie #gnulinux installiert. "apt update" schlug mit Fehler der #OpenPGP Signatur für die Paket Repos fehl.
Problem war, dass die Uhrzeit des Hosts mehrere Stunden zu spät dran war.
NGI ZeroMay 20

NGI webinar on future of OpenPGP State-of-the-art work on chains of trust

https://video.ngi.eu/w/8TSHX5f6PwDsYC2s4LX6S9

NGI webinar on future of OpenPGP State-of-the-art work on chains of trust

PeerTube
Show threadKushal Das   🇸🇪May 19
@dazo I am happy to read these lines. The goal is to make tools/applications which are made for us, easy and usable. #OpenPGP
🐈‍⬛David SommersethMay 19

I've been running #Tumpa CLI for a while on a few selected git repositories, where I use #yubikey for the #PGP key storage.

https://github.com/tumpaproject/tumpa-cli

Today I have globally replaced gpg2 with tcli and tclig in the git config. It does the job very well and is far less annoying than gpg ever was. The tcli agent is also much more nicely behaving than the gpg-agent.

Thank you, @kushal for an excellent work on Tumpa!

And I'm even more impressed that Tumpa even handles multiple Yubikeys plugged in in parallel. It selects the right key for the right identity and the tcli agent even caches the needed passphrase/PIN as expected. This is something which was a complete mess with GnuPG.

#OpenPGP #gnupg #gpg #opensource #foss #oss

GitHub - tumpaproject/tumpa-cli

Contribute to tumpaproject/tumpa-cli development by creating an account on GitHub.

GitHub
Show threadCryptGoatMay 19

@mailbox_org #PGP ist leider zu kompliziert und und zu uneinheitlich umgesetzt. Geht mit #Thunderbird ganz gut, auf Android ist man von einem quasi ungepflegten #OpenKeyChain abhängig, auf iOS von unfreien Apps. Und vom Synchronisieren der Schlüssel über mehrere Geräte hinweg reden wir lieber gar nicht erst.

Mit #DeltaChat geht das deutlich bequemer, aber das würde ich eher gesondert betrachten.

#OpenPGP

heineloMay 17
Mein Desktop unter Fedora 44 die Nutzung von Linux und Open Source Software mit entsprechenden Messengern und Mail Anwendungen und ohne Google / Microsoft / Apple und mit KI dann wenn ich sie haben möchte ist und bleibt einfach eine bessere und auch Nachhaltigerer und vor allem Selbst bestimmender Umgang mit Informationstechnologie.

Bild Bearbeitung ist mit den zur Verfügung stehen Tools unter Linux gar kein Problem funzt viel schneller als unter Windows
#darktable #gimp #shotwell
#DailyDesktop
#ShareYourDesktop
#UnixPorn
#mywork
#duisburg
#fedora43 #gnulinux #Linux #mydesktop #opensource #fedora #libreoffice #fairphone4 #murenacloud #evolution #digitaleselbstbestimmung #onlyoffice #digitaleselbstverteidigung #digitalenachhaltigkeit #signal #telegram #Verschlüsselung #openpgp #rkhunter #lynis #firewall