Skip to content

Commit

Permalink
keys/employees-keys/README.md: pre-commit fixes
Browse files Browse the repository at this point in the history 
Signed-off-by: Maciej Pijanowski <[email protected]>
  • Loading branch information
@macpijan
macpijan committed Nov 9, 2023
1 parent 2ec93c7 commit 5c09864
Showing 1 changed file with 29 additions and 29 deletions.
58 changes: 29 additions & 29 deletions keys/employees-keys/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,28 +72,29 @@ Your KEY_ID: D9E4EB63705C3897

#### Key hierarchy

Let's learn about key hierarch that above script created for us. Let's use following key as example:
Let's learn about key hierarch that above script created for us. Let's use
following key as example:

```
```shell
vault% gpg --edit-key A23A22E7ECF08AE4
(...)

Secret key is available.

sec rsa4096/A23A22E7ECF08AE4
created: 2023-10-17 expires: never usage: C
created: 2023-10-17 expires: never usage: C
trust: ultimate validity: ultimate
ssb rsa4096/EF24B10EB949136C
created: 2023-10-17 expires: 2024-10-16 usage: S
created: 2023-10-17 expires: 2024-10-16 usage: S
ssb rsa4096/F6B7D64D8E32E5CB
created: 2023-10-17 expires: 2024-10-16 usage: E
created: 2023-10-17 expires: 2024-10-16 usage: E
[ultimate] (1). Your Name (Employee Cert Key) <[email protected]>
```

We see three keys:
* `A23A22E7ECF08AE4` - Main/Master/Primary Key (`usage: C` - Certifying Key)
* `EF24B10EB949136C` - Signing Subkey (`usage: S`)
* `F6B7D64D8E32E5CB` - Encryption Subkey (`usage: E` )
- `EF24B10EB949136C` - Signing Subkey (`usage: S`)
- `F6B7D64D8E32E5CB` - Encryption Subkey (`usage: E` )

There is also possible `A` authentication key.

Expand Down Expand Up @@ -439,7 +440,6 @@ sudo service systemd-timesyncd stop
sudo date -s "2023-10-05 07:08:03 PM"
```


Now let's expire our main and associated subkeys:

```shell
Expand All @@ -448,20 +448,20 @@ gpg --edit-key KEYID

Procedure should look as follows:

```
```shell
gpg (GnuPG) 2.2.40; Copyright (C) 2022 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec rsa4096/8895D29C1B822905
created: 2023-05-05 expires: never usage: C
created: 2023-05-05 expires: never usage: C
trust: ultimate validity: ultimate
ssb rsa4096/1B1C3210563730D9
created: 2023-05-05 expires: 2024-05-04 usage: S
created: 2023-05-05 expires: 2024-05-04 usage: S
ssb rsa4096/1F97D67F4B465248
created: 2023-05-05 expires: 2024-05-04 usage: E
created: 2023-05-05 expires: 2024-05-04 usage: E
[ultimate] (1). Your Name (Employee Cert Key) <[email protected]>

gpg> expire
Expand All @@ -477,23 +477,23 @@ Key expires at Fri 06 Oct 2023 07:08:05 PM CEST
Is this correct? (y/N) y

sec rsa4096/8895D29C1B822905
created: 2023-05-05 expires: 2023-10-06 usage: C
created: 2023-05-05 expires: 2023-10-06 usage: C
trust: ultimate validity: ultimate
ssb rsa4096/1B1C3210563730D9
created: 2023-05-05 expires: 2024-05-04 usage: S
created: 2023-05-05 expires: 2024-05-04 usage: S
ssb rsa4096/1F97D67F4B465248
created: 2023-05-05 expires: 2024-05-04 usage: E
created: 2023-05-05 expires: 2024-05-04 usage: E
[ultimate] (1). Your Name (Employee Cert Key) <[email protected]>

gpg> key 1

sec rsa4096/8895D29C1B822905
created: 2023-05-05 expires: 2023-10-06 usage: C
created: 2023-05-05 expires: 2023-10-06 usage: C
trust: ultimate validity: ultimate
ssb* rsa4096/1B1C3210563730D9
created: 2023-05-05 expires: 2024-05-04 usage: S
created: 2023-05-05 expires: 2024-05-04 usage: S
ssb rsa4096/1F97D67F4B465248
created: 2023-05-05 expires: 2024-05-04 usage: E
created: 2023-05-05 expires: 2024-05-04 usage: E
[ultimate] (1). Your Name (Employee Cert Key) <[email protected]>

gpg> expire
Expand All @@ -509,23 +509,23 @@ Key expires at Fri 06 Oct 2023 07:08:20 PM CEST
Is this correct? (y/N) y

sec rsa4096/8895D29C1B822905
created: 2023-05-05 expires: 2023-10-06 usage: C
created: 2023-05-05 expires: 2023-10-06 usage: C
trust: ultimate validity: ultimate
ssb* rsa4096/1B1C3210563730D9
created: 2023-05-05 expires: 2023-10-06 usage: S
created: 2023-05-05 expires: 2023-10-06 usage: S
ssb rsa4096/1F97D67F4B465248
created: 2023-05-05 expires: 2024-05-04 usage: E
created: 2023-05-05 expires: 2024-05-04 usage: E
[ultimate] (1). Your Name (Employee Cert Key) <[email protected]>

gpg> key 2

sec rsa4096/8895D29C1B822905
created: 2023-05-05 expires: 2023-10-06 usage: C
created: 2023-05-05 expires: 2023-10-06 usage: C
trust: ultimate validity: ultimate
ssb* rsa4096/1B1C3210563730D9
created: 2023-05-05 expires: 2023-10-06 usage: S
created: 2023-05-05 expires: 2023-10-06 usage: S
ssb* rsa4096/1F97D67F4B465248
created: 2023-05-05 expires: 2024-05-04 usage: E
created: 2023-05-05 expires: 2024-05-04 usage: E
[ultimate] (1). Your Name (Employee Cert Key) <[email protected]>

gpg> expire
Expand All @@ -541,12 +541,12 @@ Key expires at Fri 06 Oct 2023 07:08:35 PM CEST
Is this correct? (y/N) y

sec rsa4096/8895D29C1B822905
created: 2023-05-05 expires: 2023-10-06 usage: C
created: 2023-05-05 expires: 2023-10-06 usage: C
trust: ultimate validity: ultimate
ssb* rsa4096/1B1C3210563730D9
created: 2023-05-05 expires: 2023-10-06 usage: S
created: 2023-05-05 expires: 2023-10-06 usage: S
ssb* rsa4096/1F97D67F4B465248
created: 2023-05-05 expires: 2023-10-06 usage: E
created: 2023-05-05 expires: 2023-10-06 usage: E
[ultimate] (1). Your Name (Employee Cert Key) <[email protected]>

gpg> save
Expand Down Expand Up @@ -602,8 +602,8 @@ procedure](#adding-key-to-repository).

#### Gitlab, Github and Gitea revocation

Go to all wesbites wher you used your GPG key. Delete key which you revoked and
expired. After deleting upload key which contain revocation and expiration
Go to all wesbites whhere you used your GPG key. Delete key which you revoked
and expired. After deleting upload key which contain revocation and expiration
signature. On Github it should look as follows:

![](/img/certify_key_revoked.png)
Expand Down

0 comments on commit 5c09864

Please sign in to comment.