H4ck3rm1k3's Blog

exploration of free/libre open source software and things

How to deal with lost GPG keys — May 16, 2015

How to deal with lost GPG keys

if you lost access to your key and want to mark it as gone. You can never delete it.

First you want to use search to find and download all your old keys.

You can use gpg to edit the key, Then sign it . Then revoke sign it. Then Save it. Then publish your changes.

Details follow.

Searching:

gpg –search mike dupont
gpg: searching for “mike dupont” from hkp server keys.gnupg.net
(1) 1024 bit RSA key 9136003D, created: 1995-03-28
Keys 1-1 of 1 for “mike dupont”. Enter number(s), N)ext, or Q)uit > 1
gpg: requesting key 9136003D from hkp server keys.gnupg.net
gpg: key 9136003D: no user ID
gpg: Total number processed: 1

Editing:

gpg2 –edit-key D8F53FC2
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub 1024D/D8F53FC2 created: 2009-05-21 expires: never usage: SC
trust: unknown validity: unknown
sub 2048g/88E87CF9 created: 2009-05-21 expires: never usage: E
[ unknown] (1). James Michael DuPont (my gmail, not googlemail one) <JamesMikeDuPont@gmail.com>

First you want to sign your key :

gpg> sign

pub 1024D/D8F53FC2 created: 2009-05-21 expires: never usage: SC
trust: unknown validity: unknown
Primary key fingerprint: 2D2E C091 7376 735F 701A A44B 8957 EF39 D8F5 3FC2

James Michael DuPont (my gmail, not googlemail one) <JamesMikeDuPont@gmail.com>

Are you sure that you want to sign this key with your
key “James Michael DuPont <jamesmikedupont@googlemail.com>” (237DA5CF)

Really sign? (y/N) y

You need a passphrase to unlock the secret key for
user: “James Michael DuPont <jamesmikedupont@googlemail.com>”
2048-bit RSA key, ID 237DA5CF, created 2015-04-05

Now you can revoke sign it :

gpg> revsig
You have signed these user IDs on key D8F53FC2:
James Michael DuPont (my gmail, not googlemail one) <JamesMikeDuPont@gmail.com>
signed by your key 237DA5CF on 2015-05-15

user ID: “James Michael DuPont (my gmail, not googlemail one) <JamesMikeDuPont@gmail.com>”
signed by your key 237DA5CF on 2015-05-15
Create a revocation certificate for this signature? (y/N) y
You are about to revoke these signatures:
James Michael DuPont (my gmail, not googlemail one) <JamesMikeDuPont@gmail.com>
signed by your key 237DA5CF on 2015-05-15
Really create the revocation certificates? (y/N) y
Please select the reason for the revocation:
0 = No reason specified
4 = User ID is no longer valid
Q = Cancel
Your decision? 4
Enter an optional description; end it with an empty line:
> Revoked. Please use 237DA5CF James Michael DuPont <jamesmikedupont@googlemail.com>
>
Reason for revocation: User ID is no longer valid
Revoked. Please use 237DA5CF James Michael DuPont <jamesmikedupont@googlemail.com>
Is this okay? (y/N) y

You need a passphrase to unlock the secret key for
user: “James Michael DuPont <jamesmikedupont@googlemail.com>”
2048-bit RSA key, ID 237DA5CF, created 2015-04-05
pub 1024D/D8F53FC2 created: 2009-05-21 expires: never usage: SC
trust: unknown validity: unknown
sub 2048g/88E87CF9 created: 2009-05-21 expires: never usage: E
[ unknown] (1). James Michael DuPont (my gmail, not googlemail one) <JamesMikeDuPont@gmail.com>

gpg> save

And now you can send it :

Key servers :

  • pgp.mit.edu
  • keyserver.ubuntu.com

More servers here : http://rossde.com/PGP/pgp_keyserv.html

gpg2 –send-keys D8F53FC2
gpg: sending key D8F53FC2 to hkp server keys.gnupg.net

See also :

Advertisements
Oracle Linux Enterprise? WTF?! — May 12, 2015

Oracle Linux Enterprise? WTF?!

Going to the state of Kansas website with my Debian GNU Linux Ice weasel I get the strangest warning :

We’ve detected that your operating system is not supported by this website. For best results, use one of the following operating systems:

Oracle Linux Enterprise
Mac OS X (Leopard)
Windows 2003
Windows XP
Windows 8
Mac OS X 10.6(Snow Leopard)
Windows 7
Windows Vista
iPad
Mac OS X (Tiger)

What??! Oracle Linux Enterprise, seriously?

Why I am leaving Go Daddy : No email or Ticket system, you don’t want to hear from me — May 6, 2015

Why I am leaving Go Daddy : No email or Ticket system, you don’t want to hear from me

Dear GoDaddy,

You dont want to hear from me, at least not in email. That is why I am leaving you.

You write me emails from <donotreply@godaddy.com>, you say :

We’re sorry you transferred your domain name(s) away from GoDaddy. We are committed to providing quality services and products and hope that we met your needs.

If you feel your transfer was in error, or if you have changed your mind, please contact our sales department at (480) 505-XXXX. They’ll assist you in transferring your domain name(s) back to us.

And then in the mail :

Please do not reply to this email. Emails sent to this address will not be answered.

This is the problem. I don’t want to wait for hours in your phone line. I dont want to talk to people. I am a computer geek, I want to email to support.

You supply supposed “Chat Support” which I cannot stand, I dont want to chat with someone I want to send you a text message. I cannot find any place to send you a text message on your website.

I told your support staff this as well. I said that I miss the ticket system. I miss being able to write emails to you. You did not respond.

I would have told you this any time in writing but you never ever gave my any way to give feedback online.

So I am blogging this. I will twitter it. Please don’t tell me how sorry you are. You made your choice to turn off your support ticket system. You made the choice to not accept emails. I am not going to accept any other solution to using you.

Well, one other thing that really motivated me, I can save a dollar by going to namecheap.com, but I would have told you that in Private if you had let me.

Mike