Tech Babble | the random musings of a techie

GPG Key?

I recently bought a Yubikey 4 with the intent of playing around with it, setting up SSH to let me use it for authentication, and maybe even using it to sign some things in git. I forgot the part where that meant using gpg again...

Thus begins today's story...

Basically, I created a master key and three subkeys by following the guide presented here, and put the subkeys into my Yubikey. This of course took an immensely large amount of time because I wasn't doing anything else with the system I generated the keys on, and so gpg felt there wasn't enough entropy; wiggling the mouse helped, but only so much.

Once the keys were created and added to the Yubikey, I went to bed, and took the Yubikey to work with me the next day. It took a good hour or so, but I got SSH to let me authenticate connections to GitHub using the authentication key on the Yubikey, and signed a test commit with git using the signing key. Everything looked good, and I went back to doing actual work.

Moving forward a few days... I had originally created all four keys with no expiration dates, figuring that I'm not doing anything that exciting, and I have a revocation cert, so who cares? But I changed my mind and decided to add expiration dates one year from now (that was this morning, feel free to look up the now-useless keys on your favorite keyserver). After about 20 minutes, it appeared as though I had accidentally added the master key's secret key onto the Yubikey (I hadn't, I just thought I had), had factory-restored the Yubikey to get the secret key off of it, and then somehow got gpg into a state where it refused to add the subkeys back onto the Yubkey.

Lucky for me, I managed to also ruin the backup copy of everything while I was at it. This being why I haven't revoked the old keys. But hey, on the bright side, the private keys don't exist anywhere anymore!

After turning off the computer, going to get lunch, and coming back, I did what any sensible person would do: started over. Luckily I had just done everything, so while re-building my keys I had history 0 | less open in a tmux pane and scrolled to the relevant section of my command history, and I had other things to do, so gpg felt I generated entropy at a much higher rate this time. Given what I've heard about /dev/random vs /dev/urandom, it sounds like gpg is just playing security-theater with me, but whatever, I got my new keys generated.

At any rate, in case anyone is interested, the new key's fingerprint and public key are below (feel free to let me know if I messed it up somehow). The original commit creating this blog post is signed, and I've wiped out my keybase.io account and updated it to use my new public key as given below (and re-verified myself in the appropriate places).

I know, this wasn't even remotely worth reading just to be given the public key of some random person you don't know, whose code you don't care about, etc. Sorry not-sorry?

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFd39E8BEADaX5R+Nj1PK3YQxKvv3djQyzaOJYlFa4sDn5Mz3G+/2Rlxu3Fk
NMLoD90V+xOMJMy8qmeRHhoi73CDrHnxw/kLsVGYa4Y9KU3/0GhVwKdKQSdXGO4C
erEWxm0wpNVhOE4fMm7vwCQ1j+Cg1oloZtL9VDkZSdRZNJFjYqDBJMUTv7DXuOOu
0sp6ms3nopLLZRYLu9dNskFmmFzgGoburJigUqkTNpY48MyTdM7PEeGEacHChMcy
zIzW7pd9SXqyUJUlxHRjLVaSgzcUNewxFF+yaGwFWBYCVf6qaWtfahcAo2jwToVx
BBeysyd+M94gFt737j/pR5ikw499JtxQO7+WNRY8rlpMHmvYyfl4VZXG37Z3Daeq
9FFHQ+L4p2d0AM1O95btzZh3IZZZyPdDfaobjImHbaRtAMeM3ZnAImfTnmw0aX02
JygWCi1zWgxkHqmGnrePSlGihG5G+AneI8EPhfjpAAYqVDePuRH3W1HOAqkNsPOo
bFxr2ADmUFVRWIvkaCTt4HhRl0OYBUi5ysVpDmWpVRoFqbZzkyFFCFtXBC8PAUIf
gy7SnFF7CFyw9KUQ3CeCSOKXpqCuONmMh6xyVEU7KqpwZsd0k2iK8Xb0E8XBcmaW
ozZmZIpVKB2GGDmVNlw6p2w9k4EObBZO7lJttYoVohb4oOvG7rkAe3P4FwARAQAB
tDNBbnRob255IFBlcmV6IChhbWF6aW5nYW50KSA8YW50aG9ueUBhbWF6aW5nYW50
LmNvbT6JAjEEEwEKABsFAld39E8CGwMCCwkCFQoFFgIDAQACHgECF4AACgkQemAU
4xZdThUXcRAA2kaBJ33hqC08sA5LTOniI83m6Hz4sAw1t7qFbhB7PnIALMgJ3Gys
nT1lhkRKtRzOmOOd+M+Q1GjwS5u1GYOS0NWCjRC+t1ddeF64OXCFxOiB93f06REf
8NJtmSqy/epBaZzR4Xtjec8kyJizc2sTIFsQ3oUxZUJd/a/52IgsmNEmgnfU9X5h
k6RWUremRTm01StWs66MXDJMW7UmD/MnVTazP/Bu+w5Foe8iZfU8YIHFvhJ18gmQ
+pZQbNHoNqtQkU6rv7FCRRzBPEe4CsCdaOiJhtooJKQZUXE7Cy2E6bqHMaVRZtDF
FabQkiDLmqIfb76Xj9GeNas2U3L6jHsDZjH/zSJG8F+LNPUL/AA3o721PB8QT1DY
03DhYKpGdwCk6w2VWU8SDiJ2LuE4LrV0AxFaxYPmKblWrpSuqs3HxC/suXDpVpGf
sv8/o06YiaSXdOjuneODH0qyWfNIu5V9NM6qwRtxnVA+808gt6FOlaUWv0MjoNdD
6Y0nZB9b4uoshGmYtG032xjYeIb80wjvQ+9WqKYNIeGNvsgEJt0NAElhoaFd9sBS
jZrfVQ54HbxMZFN3qYqShh3l3UEE49N7SqKitfQT9+s01X46iVVInrjeGi+JvaNl
xpB4hdDA7nvN6+niz3GIPRuq+pbFUyXulI1u2sHSwGLnirlYRByUORW5Ag0EV3f3
VwEQAMEJVHtdPkUtbUYfaGD504WmehqnZhy5uAP7H8kFBbd3jzlYsJxf1GC+B4CZ
zI+1UFkpb2CXpZLDBz6PSpgkjVfAtHL8NXOqn6tMFCTgaGSD8dd+VrOFH5mEdL33
X/ooKVh3INeB/DHoBrhhBkKrr0NdrXRDUqnWJBAkUnFkl/QlN4+iQQOec21Fhb9N
7ZFRQx/C75PuGn/Mr5Pu7YYQAsqyLRDqjvKsN8N5H+grv5cAkoDlMyoMXnFCla21
Zq/LH1PV4z86DVYU1q98Fm93P6rX/HuIcVgcPYtaiGmZ6YlHYX4mhrvDMO5TmUUQ
5Sol0eh1r3v+LGRwQB9dVCJSzQRT6wMJRqiIrCSendz6yKDK67GvqLf60Fcprl3I
bIMg5noR0puP/x4yNCmGA4p/Am6CK6v3ru2Yv/ZBfZ2oKpaaL2muphnThMAqMZvw
rp5ar5ZTyo7hxdwp62q/eUgPqTlLbuSeayw8E+u025R6G/Dg50qyKZni+jkGrgTG
nnwb418ne2SZ8J7eZ/U+4V7OM5xSZnUd1p33EXlWVXzLoC6hgDTUbY03rKyQ70Wp
d7irHUS+GLFbTbIg0DMpQUvPfus3flCTNe1UrDm8xINtwBLYGSKhJp7tAl5U4Df4
TV0tVm0M9K/Lla6rypVIaPcD0J8xXmpqY9YX7xTYTdwk7h97ABEBAAGJBD4EGAEK
AAkFAld391cCGwICKQkQemAU4xZdThXBXSAEGQEKAAYFAld391cACgkQOIvsJzOX
zETkeA/+JOhLGUnCDXjZZAe6GTMFIa/+f0fxAvdGbQjdJ7eitmTy73hYvm+D2+qY
XInMUyWRqxZ3Tyf0iQVwcwVs0biSMUTrJyt6YZePlOZq2WMoqI7Cqx8UDRGPRJzM
05fj/WkFECgRv8iXb4k9Zjr42BNhRVlCgYBnGHF9UNtApk145C9596PL4KKditZB
PWz4QO2IhiWVza0spQGa2Z1jwVCy/Sh4P7t3R+oWGsCnbBind8tg8d0N2IvOnJz/
6NfSnrDVOMLNzh/7dEZcaotRFWZzz+8Z7HSFezg7eriMmxd459dyrFRnS+3g3sMU
hprx+lrsz244IfYN/lsXPtZCci4kwJmI0swia6D21i3m9tqEIYl5uwhUTjn/q52f
LHFPml6Ez9T+2YhHJfJh+/umOLKZHcfHluqq8I1YHhmdnGtkDwR9DMadyzG3wzcF
QN7ncND20gl7AZfcHb2/eMayNaF2Kt82hudLhmNG6PyKksxyD7JGzbNa1hxCUZg9
uICWXm1kwX3aLLsPeio8XembIWV6lMs7FCaKQ05t83ukabPaHCoPdOO2yJozX/97
ObF551wxaCa/Cfn1GWVIGGXfO9NtRNU88on4PE+oR6VqVtDaThP8iag8RYR7B14w
PlYr9pgKdLcw7hKv6Krj6gaSYzci/t7Q2V4eS6cZjzIuXM5PnSZfKxAAzLoj1dPK
8s4QWCzjkwvlILONU7bKO7jCivVwFaB0DgvbHwP7UDhuzWZTl++amVVNZHBc9ioQ
k3I9dYEtGrgHBVQlcBHYAx1IurJiK+LduMspCZ2uUAq3w5huQLmWz2hgigE/H4Vg
oRCRzNJcArK2tkXirJglMtAhhRjSUx14wwGopoMiRn/w8u8dttxTb0NhvbCuQRen
fmOPTevzklyBlNJyRu7Wbn2ji5TdKvi7ymLFHoMQ9fVWz04cfJsg3rjxT7hmKEAn
3zP9bAZV3rgpc8wFkY0nCiv5n0eKqzGVLz6cse72P+J+SAkmUdkqy2OVqUcpeirN
lv9Rg/XwBexO5TmYiVtS0N8OIcrTkGDY/u3ye4jQckrEdsTfjCinS5BbLLacTII9
dJAo+tDMdrDO++ALSQHlzSE2HmUHh4wWfgcgP7sxTYW8/usnKAzIZuvH79riFuzq
PHfT0FS4umo+DjlxTvKVrNTvPP7T8MreYNMb12oT8WnJK/TnFBqdzKMjwsq6Z5g2
UKUiMYR9owtzmHerqWFOjbSHqtaQGz2KBHabPC1GNlS8zYTYMmkYnE6FPP+O568t
8IUwzJAc3BDSJfZDY+mo37cp946kjwCN6NN+aZEzVG83tjgz6NrRpDv73YjH9Ej6
YjX+RpQAEQ+Plbt2f2gUTKwaqOaMiH1twBy5Ag0EV3f5JQEQAJqvwQd21kVJHURa
1C9gmZi3MD1Cc9TiKiXizNwOmLUPVcUYKh9JEjrNF/l3kQYqoozY8LHBSdly36eh
M0RXftCSSyAc77MmbguDnYbaVqbrA6eZt022/bhlI6C3ivVyUYthoTVD81tlyQ+j
+XuyMRZV2c45VZfeXCfi307wml9DR2BmG//gdLoqvLF43/1iF1y7KFpgYcdvtAGE
4JAKV3IpvICxw6/hcjJMHppwNhDWTrKkIs6XDDfWpZcQcJ6mvthC0ewzN/gEOXR5
YY6jFF4EXjm8ey+Hf2dGmUkz7uB+dFqHUcpQ0iaYarBWKU0yjQwv1ZByzi11aNHn
U5oUNpBoiN4H0xjoJxyT3meNYze5wt5aoZz8iDy09Xuz11C/tIZwiYQaYXprW3KG
06FF70x01RN8WXSh//yhxLwSbaa47T+OHbsy71kPDpwIegGg63B8HhbjwFqbCuw5
VCMSL/TyUDD9bGvGqmXft/j1fkZDZlbGsWmA/vm7hsUm4STanbXUZ3JJFouir5Kf
epcphULOYxAE4U6jLFWxJYQgRYwdLPr5jP5QGispdBu/ILL0gOnPfU5i70b/dn0Z
5klU1iulU7eO9w7mw/huaDR+eVFLmenO0Up3oHUBWMX6ayO7iNwGQaqoChZ9opT4
iVaRt7M4s/VazbV8nxTK9kLbeDZJABEBAAGJAh8EGAEKAAkFAld3+SUCGwwACgkQ
emAU4xZdThXUgw//dgXIb3BWOJ4WqKatkomFb7KCfeguWSYbIhSdgyIwIVhQFdoL
E8YecPywxVuuWXIthtqz8Rq4KMz2C1d1ngEV0rdNwFdkrRBka7co0ctlRyn9cUU6
nZgZyoMfMNuM6GwaOA934FJYGACHQSXX0bcLE6k7R/VivVahCC9u+y7lsV1QrfId
3Qr8QgVEJ7pe9gw/ljDeaeSHk0KgJRkCVlgFstbgnHPaBpdG8SbItO+CHVEBk9XG
OKA847XYTcvwsQigpjtwbp2P7TXfl6dwfCV7K+GmBOmFnypqIFNpItXW5AwVvuF2
o+rOhyS6W3R9Ol45dSAbwWRDUnVxEOYRmDAahx6bfbqfZ/X9jfxRfjR2TbpyCf7C
NYs7cmzW8520X2v26d/ybOPGahn1McwVX+7PonXc/geSLjk6+/Ujy5BslYqzPitY
drbJM5utq0FCdATCovMvobih1FyPXE9V2Ca/YUBOlO31fsbufIyZo8vRwj8wK/kp
v6Tlw2LpnrJAsyIydxU9+cfO5hrk85OE5aHPRYiog2L2aORU0xJ/hl8mZLIMWDvy
2xxD9mmDxdcdgMiVmakwPgNiu/d1JJ2x3d22NgRw2pcXkEIN4rjf0WH+Ll69WxTo
oLSJ3dWJ18gxqX94xMyXch0H146aCnRwIevhyqlVM9c69KKiXX22SmZuhSC5Ag0E
V3f7KQEQAKr/X9MwJNnDULsaZkX7Z63FIs+UR8g6JBoy6/tI0Vb1MbrT69WSWXjK
VNl1xI9Ri3gkfI6uvUZqHFOJ1UqlhRRfqiJjRhZNmrDoPTTYxhOMUvgP5xJ3ioNI
6u0o5YZoSa53tP2S+aUufDEOkmfYxU91uJRDyhez6ipikUdguK1CKbr1aHPgBakT
FBx9xpKUqIuPjO2i/oQdNKKiwc5a6B8XhoLVAbkavkl7aZHCWnH+/e9PveQk9mXv
7Cmfltj813c81CYlGhLHXYHUAGLRZSmnLvsIHdf4J73Oe/fhLJZLuEz2kPRVJ0Qp
CA0CfZZx6J+iHdo0OPOrnXpUhUn8rLXOmNPLZN3tLXNg0G9OF1c4UW6CNfKPZdJl
PZisQgNdlN5TSIhI9XUkPmeoyuBmvE0hAjdqR2Q3XFP1qh09Z4e6/0DfStpWcSDP
3J3MopFQjeycQ8YpHdDoqV/ST9OWeHimW0BhUli3V/b4gyvw5fi6xqmLqMXSXz4H
PqVICZVKbRJ6XwbpzAea51LvTkxd045uJH3P6WKSxC6gvLVHvf+b9OnsgCRu2HO4
6iDQfd8UK9VxN24rHdypZt/tyLb8zWXmoT9B60MvJMQAHuyvBrp1Z5EPh6gprNpi
QsSkNqZ8p7blZIU6LKvkbJL6joelQlW5fgMHr7TW0W8MAWmsZqHLABEBAAGJAh8E
GAEKAAkFAld3+ykCGyAACgkQemAU4xZdThWsnBAApR7cwq5nuPTqfM9J3GBzVsuQ
qXoI2R2KQ1Tih4pahIcOixg92Wi9Zw0P3MtU+JypZZdURpd9hoFt4q+gPldLM20g
Cyr+HWpjRuFecBy7adI8vS5OrcIaY4/8RL/4Zw87eWpmPPm5auljXfRIV4+4u0TV
Pq+a6YAVUKYI9Hm+iK4ucxQ189+WEb+NFOhNZGbrme6BFXxYAXRAybf5L9eL/Eq9
N6xrNSMa2w9qTneRn07QXEm/HIepWsjCR140bK77wAErYek/OZCv/pAWBS/yRxeH
eSulZOweMq/JmGvopV+PSmTPj3FjirPjBs6vrmIxVQLd5vKvEQaeUyjSybJmwKPL
LoJRy3dPzaDySTqH1okCeC/W0btFVjVGbiyMY8PbO6U5Tso+tGK0SDAR3NItaxXL
273yX4Xe6u3WprJTu/Dyok5IFaEj4rrBd28EWzSfT5AChunxUy7JBzlb7CYGDFBe
zdzjBSnOlDLBgOLb+IVpxPZQReXmOczeXzPg64uW6lpmg7Qygb/DUFCuVEqsjs3b
Gye1LD8gAajcBqZcXjCCCS61DCSi0l8jSwE2o+5LYB7zoN8MD6/iu0ZQuDJVpM5V
Tr2a9rhuK37AJwrOgC2jeeBIS5WJR1L+LyenIgKm98AUwobgQxhZZzei0bORV6VA
xlm0N1F5XmNjirAjp4U=
=1Ntd
-----END PGP PUBLIC KEY BLOCK-----