Cryptography – A GPG key with multiple user identities for my career?

I'm trying to figure out what the best approach is to managing GPG keys over my career as I change jobs.

To my knowledge, there are two ways to achieve this:

  1. Have a main GPG key with subkeys for signing and encrypting.
  2. Have multiple GPG keys.

I am more confident in, and lean towards, having a GPG key with subkeys and multiple user IDs.

Every time I start a new job with an organization, I would create a new user ID with the email address for that company. I would also revoke the previous user ID.

Does that seem okay? Or am I missing something?

gnupg – Can I use 3 equal subkeys for 2 different GPG smart cards?

Yes, that should work as described.

To test, try using them to decrypt files that were encrypted with your public key. Use them to sign files and see if you can check them using your pub, etc.

In my limited experience, the biggest problem with using the same keys on backup cards is that the system looks for the keys on a particular card, regardless of whether there is a copy on the currently inserted smart card. When I had this problem, I deleted my gpg directory (already backed up elsewhere) and ran gpg --card-status, which cleaned things up.

16.04 – Does DPKG support GPG signature validation for Debian package files?

I'm trying to enable GPG checking in /etc/dpkg/dpkg.cfg by removing "no-debsig" in this configuration file:

# Do not enable debsig-verify by default; since the distribution does not use embedded signatures, debsig-verify rejects all packages.

# no-debsig

Then I tried to download and install some unsigned .deb files to my Ubuntu server, but I can install them as usual without further action (reject, warning).

So my question is this: Suppose I downloaded a .deb file from the Internet and then ran "dpkg -i" on this file to install it. How can I check whether it's from a trusted source or not? I am using Ubuntu Server 16.04. Many thanks!

Key Management – Assuming FDE – what are passwords that protect private GPG / SSH keys?

SSH and GPG ask for passphrases during key generation. GPG also shows warnings (at least in my experience) if one is not provided and asks for confirmation that no protection is indeed desired.

So it seems important to provide such passphrases.

However, assuming full disk encryption, I cannot fully understand why.

My (probably flawed) thinking is as follows. These are threats to private keys:

  • Equipment theft; however, if someone steals a device that is off, the FDE will already protect me from it (at least until the thief is strong enough to apply rubber-hose decoding to me).
  • Instantaneous physical access; but in that case, I'm hosed anyway.
  • My PC is at risk: someone has managed to install malware on my device. In this case, I'm also hosed, because a keylogger has been installed that steals my passphrase. And that holds even if the attacker could not root my PC!

The only scenario that I can think of in which the passphrase is good is the theft of a powered-on device; then the passphrase could actually save me, but I do not think such a scenario is very likely. On the other hand, it is annoying to have to re-enter the passphrase each time I send a git or e-mail.

What is the use of passphrases that protect private SSH / GPG keys that I do not know about?

Encryption – Can a third party use GPG to verify that the message was encrypted by a specific public key?

Bob sends the message X to Alice. He encrypts X with Alice's public key using gpg and sends her the encrypted message (ciphertext).

Later, Alice claims that Bob made a mistake and that the ciphertext was not created with her public key.

Can Bob prove to third parties that the encrypted message is actually encrypted with Alice's public key?

The resulting encrypted message is different each time, even when message X is the same (see: will the same file with GnuPG and the same key generate the same ciphertext?), so the third party cannot simply re-encrypt it and compare the results. Is there another way?

If possible, provide instructions on how to do this in the existing software.

gnupg – Why can GPG sign messages but no keys?

I'm trying to add local signatures to some of the public keys that I have in my keyring, but gpg --lsign-key fails with the message "no secret key" despite the fact that gpg --sign is working. I use a YubiKey as a smart card.

GPG indicates that the secret key is not available, but there is a signature key on the connected smart card:

$ gpg --list-secret-keys
sec#  rsa4096/0xDEADBEEFDEADBEEF 2000-01-01 [SC]
      Key fingerprint = DEAD BEEF DEAD BEEF DEAD BEEF DEAD BEEF DEAD BEEF
uid                   [ultimate] My name 
ssb>  rsa4096/0x8BADF00D8BADF00D 2000-01-01 [E] [expires: 2020-12-31]
ssb>  rsa4096/0xBADDCAFEBADDCAFE 2000-01-01 [S] [expires: 2020-12-31]
ssb>  rsa4096/0xFACEFEEDFACEFEED 2000-01-01 [A] [expires: 2020-12-31]

I can sign a message:

$ echo "test" | gpg --sign --armor
gpg: Using "DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF" as the default secret key for signing
-----BEGIN PGP MESSAGE-----

[snipped signature]
-----END PGP MESSAGE-----

But I cannot --sign-key:

$ gpg --lsign-key product-security@apple.com

pub  rsa4096/0x782F6D86DED32B71
     created: 2018-08-20  expires: 2019-08-20  usage: SC
     trust: marginal      validity: unknown
sub  rsa4096/0x1C3F44E9CB9F9E3A
     created: 2018-08-20  expires: 2019-08-20  usage: E
[ unknown] (1). Apple product safety 
[ unknown] (2)  Apple Product Safety Notifications 

Really sign all user IDs? (y / N) y
gpg: Using "DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF" as the default secret key for signing

pub  rsa4096/0x782F6D86DED32B71
     created: 2018-08-20  expires: 2019-08-20  usage: SC
     trust: marginal      validity: unknown
 Primary key fingerprint: 0CD5 C954 D089 2440 1598 9759 782F 6D86 DED3 2B71

Apple product safety 
     Apple product safety notifications 

This key will expire on 2019-08-20.
Are you sure that you want to sign this key with your
key "My name" (0xDEADBEEFDEADBEEF)

The signature is marked as not exportable.

Really sign? (y / N) y
gpg: signature failed: no secret key
gpg: signature failed: no secret key

Key not changed, therefore no update required.

How can I add a signature to this key to verify it?
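
The following is an added example, not part of the original question: a small Python parser for `gpg --list-secret-keys` output that reads the availability markers and capability flags. In such listings `#` after `sec`/`ssb` means the secret part is not present locally and `>` means it is held on a smart card; key signing (`--sign-key`, `--lsign-key`) is a certification and needs the `[C]` capability, while `--sign` needs only `[S]`. The sample listing is constructed from the placeholder key IDs shown above, and the function names are hypothetical.

```python
import re

# Constructed sample, modelled on the listing in the question (placeholder key IDs).
SAMPLE = """\
sec#  rsa4096/0xDEADBEEFDEADBEEF 2000-01-01 [SC]
uid                   [ultimate] My name
ssb>  rsa4096/0x8BADF00D8BADF00D 2000-01-01 [E] [expires: 2020-12-31]
ssb>  rsa4096/0xBADDCAFEBADDCAFE 2000-01-01 [S] [expires: 2020-12-31]
ssb>  rsa4096/0xFACEFEEDFACEFEED 2000-01-01 [A] [expires: 2020-12-31]
"""

# Tolerates extra spaces around the marker and the slash (copy/paste damage).
KEY_LINE = re.compile(
    r"^(?P<kind>sec|ssb)\s*(?P<mark>[#>]?)\s+"
    r"(?P<algo>\w+)\s*/\s*(?P<keyid>(?:0x)?[0-9A-Fa-f]+)\s+"
    r"(?P<created>\d{4}-\d{2}-\d{2})\s+\[(?P<caps>[SCEA]+)\]"
)
LOCATION = {"": "local", "#": "missing", ">": "card"}
CAP_NAMES = {"S": "sign", "C": "certify", "E": "encrypt", "A": "authenticate"}


def parse_secret_keys(listing):
    """Return one dict per sec/ssb line: key ID, where the secret lives, capabilities."""
    keys = []
    for line in listing.splitlines():
        m = KEY_LINE.match(line.strip())
        if m:
            keys.append({
                "primary": m.group("kind") == "sec",
                "keyid": m.group("keyid"),
                "location": LOCATION[m.group("mark")],
                "caps": set(m.group("caps")),
            })
    return keys


def usable_operations(keys):
    """Map each operation to the key IDs whose secret material is reachable for it."""
    return {
        name: [k["keyid"] for k in keys
               if cap in k["caps"] and k["location"] != "missing"]
        for cap, name in CAP_NAMES.items()
    }


if __name__ == "__main__":
    for op, ids in usable_operations(parse_secret_keys(SAMPLE)).items():
        status = "usable via " + ", ".join(ids) if ids else "NOT usable (no secret key)"
        print(f"{op:13s} {status}")
```

For the sample listing, signing is reported as usable through the `[S]` subkey on the card, while certification has no reachable key because the only `[C]`-capable key is the `sec#` primary.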