diff --git a/how-to-benchmark-server-performance-using-speedtest-and-sysbench/README.md b/how-to-benchmark-server-performance-using-speedtest-and-sysbench/README.md index 0e97c5e..e0634d5 100644 --- a/how-to-benchmark-server-performance-using-speedtest-and-sysbench/README.md +++ b/how-to-benchmark-server-performance-using-speedtest-and-sysbench/README.md @@ -114,6 +114,8 @@ Network download speed: 95.82 Mbps Network upload speed: 95.63 Mbps +๐Ÿ‘ + ### Benchmark CPU ```console @@ -152,6 +154,8 @@ Threads fairness: CPU events per second: 403.87 +๐Ÿ‘ + ### Benchmark memory ```console @@ -196,6 +200,8 @@ Threads fairness: Memory speed: 3926.74 MiB/sec +๐Ÿ‘ + ### Benchmark disk ```console @@ -271,3 +277,5 @@ Removing test files.. Disk read throughput: 42.61 MiB/s Disk write throughput: 28.41 MiB/s + +๐Ÿ‘ diff --git a/how-to-configure-borg-client-on-macos-using-command-line/README.md b/how-to-configure-borg-client-on-macos-using-command-line/README.md index b06ce77..4c8b3f4 100644 --- a/how-to-configure-borg-client-on-macos-using-command-line/README.md +++ b/how-to-configure-borg-client-on-macos-using-command-line/README.md @@ -201,7 +201,7 @@ Write down the passphrase. Store both at safe place(s). ``` -#### Backup `~/.config/borg` and `~/Library/Keychains` folders +#### Back up `~/.config/borg` and `~/Library/Keychains` folders (learn how [here](http://localhost:3001/privacy-guides/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos)) > Heads-up: both key (stored in `~/.config/borg`) and passphrase (stored in `~/Library/Keychains`) are required to decrypt backup. diff --git a/how-to-create-encrypted-paper-backup/README.md b/how-to-create-encrypted-paper-backup/README.md index 6d942c6..4431cfd 100644 --- a/how-to-create-encrypted-paper-backup/README.md +++ b/how-to-create-encrypted-paper-backup/README.md @@ -323,6 +323,10 @@ n Done ``` +Done + +๐Ÿ‘ + The following image is now available on USB flash drive. ![177cc163](./177cc163.jpg?shadow=1) @@ -357,6 +361,10 @@ Secret: this is a test yo Done ``` +Done + +๐Ÿ‘ + ### Clone encrypted paper backup ```console @@ -399,6 +407,10 @@ n Done ``` +Done + +๐Ÿ‘ + The following image is now available on USB flash drive. ![524d8219](./524d8219.jpg?shadow=1) @@ -435,4 +447,6 @@ dd: error writing '/dev/sda1': No space left on device Done ``` +Done + ๐Ÿ‘ diff --git a/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos/README.md b/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md similarity index 62% rename from how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos/README.md rename to how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md index 444f133..3cd5e3c 100644 --- a/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos/README.md +++ b/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md @@ -1,5 +1,5 @@ -# How to encrypt, sign and decrypt messages using PGP on macOS +# How to encrypt, sign and decrypt messages using GnuPG on macOS -[![How to encrypt, sign and decrypt messages using PGP on macOS](how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos.png)](https://www.youtube.com/watch?v=mE8fL5Fu8x8 "How to encrypt, sign and decrypt messages using PGP on macOS") +[![How to encrypt, sign and decrypt messages using GnuPG on macOS](how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos.png)](https://www.youtube.com/watch?v=mE8fL5Fu8x8 "How to encrypt, sign and decrypt messages using GnuPG on macOS") -> WARNING: this is a getting started guide. For a hardened guide, see https://github.com/drduh/YubiKey-Guide +> WARNING: this is a โ€œgetting startedโ€ guide. For hardened guide, see https://github.com/drduh/YubiKey-Guide + +## Caveats + +- When copy/pasting commands that start with `$`, strip out `$` as this character is not part of the command ## Setup guide @@ -38,7 +42,7 @@ brew install gnupg ```console $ gpg --full-generate-key -gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc. +gpg (GnuPG) 2.2.27; Copyright (C) 2021 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. @@ -52,7 +56,7 @@ Please select what kind of key you want: (14) Existing key from card Your selection? 1 RSA keys may be between 1024 and 4096 bits long. -What keysize do you want? (2048) 4096 +What keysize do you want? (3072) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire @@ -82,22 +86,20 @@ some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: /Users/sunknudsen/.gnupg/trustdb.gpg: trustdb created -gpg: key 1BDC94DFB97BE4D4 marked as ultimately trusted +gpg: key DFCECB410CE8A745 marked as ultimately trusted gpg: directory '/Users/sunknudsen/.gnupg/openpgp-revocs.d' created -gpg: revocation certificate stored as '/Users/sunknudsen/.gnupg/openpgp-revocs.d/F365EDCF06F4D9F09BB7D4EB1BDC94DFB97BE4D4.rev' +gpg: revocation certificate stored as '/Users/sunknudsen/.gnupg/openpgp-revocs.d/E1B962BF7B5577A7B8021D18DFCECB410CE8A745.rev' public and secret key created and signed. -pub rsa4096 2020-06-16 [SC] - F365EDCF06F4D9F09BB7D4EB1BDC94DFB97BE4D4 +pub rsa4096 2021-03-24 [SC] + E1B962BF7B5577A7B8021D18DFCECB410CE8A745 uid John Doe -sub rsa4096 2020-06-16 [E] +sub rsa4096 2021-03-24 [E] ``` -### Step 5: set default PGP key server to `hkps://keys.openpgp.org` +### Step 5: back up `~/.gnupg` folder (learn how [here](http://localhost:3001/privacy-guides/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos)) -```shell -echo "keyserver hkps://keys.openpgp.org" >> ~/.gnupg/dirmngr.conf -``` +> Heads-up: files stored in `~/.gnupg` include private keys which, if lost, results in loosing oneโ€™s cryptographic identity (safeguard backup carefully). ๐Ÿ‘ @@ -111,19 +113,36 @@ echo "keyserver hkps://keys.openpgp.org" >> ~/.gnupg/dirmngr.conf gpg --armor --export john@example.net > ~/Desktop/john.asc ``` -### Import Sunโ€™s PGP public key +### Import Sunโ€™s public key using key serverโ€ฆ -```shell -gpg --keyserver hkps://keys.openpgp.org --recv-keys 0xC1323A377DE14C8B +```console +$ gpg --keyserver hkps://keys.openpgp.org --recv-keys 0xC1323A377DE14C8B +gpg: key 0xC1323A377DE14C8B: public key "Sun Knudsen " imported +gpg: Total number processed: 1 +gpg: imported: 1 ``` -or +imported: 1 -```shell -curl https://sunknudsen.com/sunknudsen.asc | gpg --import +๐Ÿ‘ + +### โ€ฆor using public key URL + +```console +$ curl https://sunknudsen.com/sunknudsen.asc | gpg --import + % Total % Received % Xferd Average Speed Time Time Time Current + Dload Upload Total Spent Left Speed +100 6896 100 6896 0 0 11589 0 --:--:-- --:--:-- --:--:-- 11570 +gpg: key 0xC1323A377DE14C8B: public key "Sun Knudsen " imported +gpg: Total number processed: 1 +gpg: imported: 1 ``` -### Confirm Sunโ€™s PGP public key is legit using its fingerprint +imported: 1 + +๐Ÿ‘ + +### Verify Sunโ€™s PGP public key using its fingerprint ```console $ gpg --fingerprint hello@sunknudsen.com @@ -133,12 +152,12 @@ gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u pub rsa4096 2019-10-17 [C] C4FB DDC1 6A26 2672 920D 0A0F C132 3A37 7DE1 4C8B uid [ unknown] Sun Knudsen -sub rsa4096 2019-10-17 [A] [expires: 2020-10-16] -sub rsa4096 2019-10-17 [E] [expires: 2020-10-16] -sub rsa4096 2019-10-17 [S] [expires: 2020-10-16] +sub rsa4096 2019-10-17 [E] [expires: 2021-10-25] +sub rsa4096 2019-10-17 [A] [expires: 2021-10-25] +sub rsa4096 2019-10-17 [S] [expires: 2021-10-25] ``` -See https://sunknudsen.com/, https://github.com/sunknudsen/pgp-public-key and https://www.youtube.com/sunknudsen/about and make sure fingerprint `C4FB DDC1 6A26 2672 920D 0A0F C132 3A37 7DE1 4C8B` matches the one published. +Open https://sunknudsen.com/, https://github.com/sunknudsen/pgp-public-key and https://www.youtube.com/sunknudsen/about and make sure above fingerprint (`C4FB DDC1 6A26 2672 920D 0A0F C132 3A37 7DE1 4C8B`) matches published fingerprints. ๐Ÿ‘ @@ -166,14 +185,18 @@ This is a test! $ gpg --decrypt ~/Desktop/encrypted.asc | perl -MMIME::QuotedPrint -0777 -nle 'print decode_qp($_)' gpg: encrypted with 4096-bit RSA key, ID 5574F4B0B0F67D7F, created 2019-10-17 "Sun Knudsen " -gpg: encrypted with 4096-bit RSA key, ID 0DA22A1AC7DBA3F9, created 2020-06-16 +gpg: encrypted with 4096-bit RSA key, ID D21EDF2B2BC20129, created 2021-03-24 "John Doe " -gpg: Signature made Thu 18 Jun 10:45:04 2020 EDT -gpg: using RSA key F365EDCF06F4D9F09BB7D4EB1BDC94DFB97BE4D4 +gpg: Signature made Wed 24 Mar 11:04:49 2021 EDT +gpg: using RSA key E1B962BF7B5577A7B8021D18DFCECB410CE8A745 gpg: Good signature from "John Doe " [ultimate] This is a test! ``` +Good signature + +๐Ÿ‘ + ### Clear passphrase from GnuPG cache ```shell @@ -181,5 +204,3 @@ gpg-connect-agent reloadagent /bye ``` > Heads-up: when sending [encrypted messages](#paste-encrypt-and-sign-message-enter-line-break-and-use-command-ctrld-to-quit-edit-mode), donโ€™t forget to include your [public key](#export-johns-pgp-public-key). - -๐Ÿ‘ diff --git a/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos.png b/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos.png new file mode 100644 index 0000000..00ed069 Binary files /dev/null and b/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos.png differ diff --git a/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos.png b/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos.png deleted file mode 100644 index 9c7fd91..0000000 Binary files a/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos.png and /dev/null differ