Improved guides

Sun Knudsen 2021-03-25 06:38:48 -04:00
parent cdcec24545
commit 28fdd648db
No known key found for this signature in database
GPG Key ID: 1FA767862BBD1305
6 changed files with 75 additions and 32 deletions

View File

@ -114,6 +114,8 @@ Network download speed: 95.82 Mbps
Network upload speed: 95.63 Mbps Network upload speed: 95.63 Mbps
👍
### Benchmark CPU ### Benchmark CPU
```console ```console
@ -152,6 +154,8 @@ Threads fairness:
CPU events per second: 403.87 CPU events per second: 403.87
👍
### Benchmark memory ### Benchmark memory
```console ```console
@ -196,6 +200,8 @@ Threads fairness:
Memory speed: 3926.74 MiB/sec Memory speed: 3926.74 MiB/sec
👍
### Benchmark disk ### Benchmark disk
```console ```console
@ -271,3 +277,5 @@ Removing test files..
Disk read throughput: 42.61 MiB/s Disk read throughput: 42.61 MiB/s
Disk write throughput: 28.41 MiB/s Disk write throughput: 28.41 MiB/s
👍

View File

@ -201,7 +201,7 @@ Write down the passphrase. Store both at safe place(s).
``` ```
#### Backup `~/.config/borg` and `~/Library/Keychains` folders #### Back up `~/.config/borg` and `~/Library/Keychains` folders (learn how [here](http://localhost:3001/privacy-guides/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos))
> Heads-up: both key (stored in `~/.config/borg`) and passphrase (stored in `~/Library/Keychains`) are required to decrypt backup. > Heads-up: both key (stored in `~/.config/borg`) and passphrase (stored in `~/Library/Keychains`) are required to decrypt backup.
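Review bot: The new heading links to http://localhost:3001/privacy-guides/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos, a local development address that will not resolve for readers. Point the link at the published guide URL or at a relative path to that guide in the repository. Moving a long link into the heading, together with the "Backup" to "Back up" rename, also likely changes the heading's generated anchor, so existing links to this section should be checked.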

View File

@ -323,6 +323,10 @@ n
Done Done
``` ```
Done
👍
The following image is now available on USB flash drive. The following image is now available on USB flash drive.
![177cc163](./177cc163.jpg?shadow=1) ![177cc163](./177cc163.jpg?shadow=1)
@ -357,6 +361,10 @@ Secret: this is a test yo
Done Done
``` ```
Done
👍
### Clone encrypted paper backup ### Clone encrypted paper backup
```console ```console
@ -399,6 +407,10 @@ n
Done Done
``` ```
Done
👍
The following image is now available on USB flash drive. The following image is now available on USB flash drive.
![524d8219](./524d8219.jpg?shadow=1) ![524d8219](./524d8219.jpg?shadow=1)
@ -435,4 +447,6 @@ dd: error writing '/dev/sda1': No space left on device
Done Done
``` ```
Done
👍 👍

View File

@ -1,5 +1,5 @@
<!-- <!--
Title: How to encrypt, sign and decrypt messages using PGP on macOS Title: How to encrypt, sign and decrypt messages using GnuPG on macOS
Description: Learn how to encrypt, sign and decrypt messages using PGP on macOS. Description: Learn how to encrypt, sign and decrypt messages using PGP on macOS.
Author: Sun Knudsen <https://github.com/sunknudsen> Author: Sun Knudsen <https://github.com/sunknudsen>
Contributors: Sun Knudsen <https://github.com/sunknudsen>, Albert <https://github.com/farwel> Contributors: Sun Knudsen <https://github.com/sunknudsen>, Albert <https://github.com/farwel>
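Review bot: The Description line in this front matter still reads "Learn how to encrypt, sign and decrypt messages using PGP on macOS." while the Title line directly above it is changed to GnuPG. Update the Description in the same commit so the page metadata is consistent with the new title and heading.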
@ -8,11 +8,15 @@ Publication date: 2020-06-18T00:00:00.000Z
Listed: true Listed: true
--> -->
# How to encrypt, sign and decrypt messages using PGP on macOS # How to encrypt, sign and decrypt messages using GnuPG on macOS
[![How to encrypt, sign and decrypt messages using PGP on macOS](how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos.png)](https://www.youtube.com/watch?v=mE8fL5Fu8x8 "How to encrypt, sign and decrypt messages using PGP on macOS") [![How to encrypt, sign and decrypt messages using GnuPG on macOS](how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos.png)](https://www.youtube.com/watch?v=mE8fL5Fu8x8 "How to encrypt, sign and decrypt messages using GnuPG on macOS")
> WARNING: this is a getting started guide. For a hardened guide, see https://github.com/drduh/YubiKey-Guide > WARNING: this is a “getting started” guide. For hardened guide, see https://github.com/drduh/YubiKey-Guide
## Caveats
- When copy/pasting commands that start with `$`, strip out `$` as this character is not part of the command
## Setup guide ## Setup guide
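Review bot: The image path in the thumbnail line is renamed to how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos.png, and nothing in the visible hunks shows the PNG itself being renamed; confirm the file is moved in this commit or the thumbnail will break. In the WARNING line, "For hardened guide" dropped the article and should stay "For a hardened guide".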
@ -38,7 +42,7 @@ brew install gnupg
```console ```console
$ gpg --full-generate-key $ gpg --full-generate-key
gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc. gpg (GnuPG) 2.2.27; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it. This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. There is NO WARRANTY, to the extent permitted by law.
@ -52,7 +56,7 @@ Please select what kind of key you want:
(14) Existing key from card (14) Existing key from card
Your selection? 1 Your selection? 1
RSA keys may be between 1024 and 4096 bits long. RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096 What keysize do you want? (3072) 4096
Requested keysize is 4096 bits Requested keysize is 4096 bits
Please specify how long the key should be valid. Please specify how long the key should be valid.
0 = key does not expire 0 = key does not expire
@ -82,22 +86,20 @@ some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy. generator a better chance to gain enough entropy.
gpg: /Users/sunknudsen/.gnupg/trustdb.gpg: trustdb created gpg: /Users/sunknudsen/.gnupg/trustdb.gpg: trustdb created
gpg: key 1BDC94DFB97BE4D4 marked as ultimately trusted gpg: key DFCECB410CE8A745 marked as ultimately trusted
gpg: directory '/Users/sunknudsen/.gnupg/openpgp-revocs.d' created gpg: directory '/Users/sunknudsen/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/Users/sunknudsen/.gnupg/openpgp-revocs.d/F365EDCF06F4D9F09BB7D4EB1BDC94DFB97BE4D4.rev' gpg: revocation certificate stored as '/Users/sunknudsen/.gnupg/openpgp-revocs.d/E1B962BF7B5577A7B8021D18DFCECB410CE8A745.rev'
public and secret key created and signed. public and secret key created and signed.
pub rsa4096 2020-06-16 [SC] pub rsa4096 2021-03-24 [SC]
F365EDCF06F4D9F09BB7D4EB1BDC94DFB97BE4D4 E1B962BF7B5577A7B8021D18DFCECB410CE8A745
uid John Doe <john@example.net> uid John Doe <john@example.net>
sub rsa4096 2020-06-16 [E] sub rsa4096 2021-03-24 [E]
``` ```
### Step 5: set default PGP key server to `hkps://keys.openpgp.org` ### Step 5: back up `~/.gnupg` folder (learn how [here](http://localhost:3001/privacy-guides/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos))
```shell > Heads-up: files stored in `~/.gnupg` include private keys which, if lost, results in loosing ones cryptographic identity (safeguard backup carefully).
echo "keyserver hkps://keys.openpgp.org" >> ~/.gnupg/dirmngr.conf
```
👍 👍
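Review bot: The new Step 5 heading links to http://localhost:3001/privacy-guides/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos, a development address; use the published URL or a relative path. In the heads-up line, "loosing" should be "losing" and "results" should agree with "private keys" ("result"). This step also replaces the dirmngr.conf keyserver setting, so every later key server command has to name its server explicitly; the recv-keys command further down already passes --keyserver hkps://keys.openpgp.org, which is worth keeping that way.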
@ -111,19 +113,36 @@ echo "keyserver hkps://keys.openpgp.org" >> ~/.gnupg/dirmngr.conf
gpg --armor --export john@example.net > ~/Desktop/john.asc gpg --armor --export john@example.net > ~/Desktop/john.asc
``` ```
### Import Suns PGP public key ### Import Suns public key using key server…
```shell ```console
gpg --keyserver hkps://keys.openpgp.org --recv-keys 0xC1323A377DE14C8B $ gpg --keyserver hkps://keys.openpgp.org --recv-keys 0xC1323A377DE14C8B
gpg: key 0xC1323A377DE14C8B: public key "Sun Knudsen <hello@sunknudsen.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
``` ```
or imported: 1
```shell 👍
curl https://sunknudsen.com/sunknudsen.asc | gpg --import
### …or using public key URL
```console
$ curl https://sunknudsen.com/sunknudsen.asc | gpg --import
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 6896 100 6896 0 0 11589 0 --:--:-- --:--:-- --:--:-- 11570
gpg: key 0xC1323A377DE14C8B: public key "Sun Knudsen <hello@sunknudsen.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
``` ```
### Confirm Suns PGP public key is legit using its fingerprint imported: 1
👍
### Verify Suns PGP public key using its fingerprint
```console ```console
$ gpg --fingerprint hello@sunknudsen.com $ gpg --fingerprint hello@sunknudsen.com
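Review bot: The added sample output prints the imported key as 0xC1323A377DE14C8B, while the key-generation output earlier in this file prints key IDs without the 0x prefix ("gpg: key DFCECB410CE8A745 marked as ultimately trusted"). Capture both transcripts with the same GnuPG configuration so readers see output that matches the guide. The headings are also inconsistent: "Import Suns public key using key server…" drops "PGP" while "Verify Suns PGP public key using its fingerprint" keeps it; pick one form for both.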
@ -133,12 +152,12 @@ gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub rsa4096 2019-10-17 [C] pub rsa4096 2019-10-17 [C]
C4FB DDC1 6A26 2672 920D 0A0F C132 3A37 7DE1 4C8B C4FB DDC1 6A26 2672 920D 0A0F C132 3A37 7DE1 4C8B
uid [ unknown] Sun Knudsen <hello@sunknudsen.com> uid [ unknown] Sun Knudsen <hello@sunknudsen.com>
sub rsa4096 2019-10-17 [A] [expires: 2020-10-16] sub rsa4096 2019-10-17 [E] [expires: 2021-10-25]
sub rsa4096 2019-10-17 [E] [expires: 2020-10-16] sub rsa4096 2019-10-17 [A] [expires: 2021-10-25]
sub rsa4096 2019-10-17 [S] [expires: 2020-10-16] sub rsa4096 2019-10-17 [S] [expires: 2021-10-25]
``` ```
See https://sunknudsen.com/, https://github.com/sunknudsen/pgp-public-key and https://www.youtube.com/sunknudsen/about and make sure fingerprint `C4FB DDC1 6A26 2672 920D 0A0F C132 3A37 7DE1 4C8B` matches the one published. Open https://sunknudsen.com/, https://github.com/sunknudsen/pgp-public-key and https://www.youtube.com/sunknudsen/about and make sure above fingerprint (`C4FB DDC1 6A26 2672 920D 0A0F C132 3A37 7DE1 4C8B`) matches published fingerprints.
👍 👍
@ -166,14 +185,18 @@ This is a test!
$ gpg --decrypt ~/Desktop/encrypted.asc | perl -MMIME::QuotedPrint -0777 -nle 'print decode_qp($_)' $ gpg --decrypt ~/Desktop/encrypted.asc | perl -MMIME::QuotedPrint -0777 -nle 'print decode_qp($_)'
gpg: encrypted with 4096-bit RSA key, ID 5574F4B0B0F67D7F, created 2019-10-17 gpg: encrypted with 4096-bit RSA key, ID 5574F4B0B0F67D7F, created 2019-10-17
"Sun Knudsen <hello@sunknudsen.com>" "Sun Knudsen <hello@sunknudsen.com>"
gpg: encrypted with 4096-bit RSA key, ID 0DA22A1AC7DBA3F9, created 2020-06-16 gpg: encrypted with 4096-bit RSA key, ID D21EDF2B2BC20129, created 2021-03-24
"John Doe <john@example.net>" "John Doe <john@example.net>"
gpg: Signature made Thu 18 Jun 10:45:04 2020 EDT gpg: Signature made Wed 24 Mar 11:04:49 2021 EDT
gpg: using RSA key F365EDCF06F4D9F09BB7D4EB1BDC94DFB97BE4D4 gpg: using RSA key E1B962BF7B5577A7B8021D18DFCECB410CE8A745
gpg: Good signature from "John Doe <john@example.net>" [ultimate] gpg: Good signature from "John Doe <john@example.net>" [ultimate]
This is a test! This is a test!
``` ```
Good signature
👍
### Clear passphrase from GnuPG cache ### Clear passphrase from GnuPG cache
```shell ```shell
@ -181,5 +204,3 @@ gpg-connect-agent reloadagent /bye
``` ```
> Heads-up: when sending [encrypted messages](#paste-encrypt-and-sign-message-enter-line-break-and-use-command-ctrld-to-quit-edit-mode), dont forget to include your [public key](#export-johns-pgp-public-key). > Heads-up: when sending [encrypted messages](#paste-encrypt-and-sign-message-enter-line-break-and-use-command-ctrld-to-quit-edit-mode), dont forget to include your [public key](#export-johns-pgp-public-key).
👍