4/20/2023 0 Comments Keybase decrypt with private key![]() ![]() It can be bespoke and a bit fiddly, but the standard itself is safe enough. That means although it’s a website, you’re never sending your data to Keybase. The encryption happens in the browser itself, without querying the server except to fetch the public key. Essentially, it provides a way to say “yes, /andrewhowdencom is /andrewhowdencom”.Īnd, most importantly for our purposes, it provides easy ways to encrypt things with the public key. It allows a public chain of trust, endorsements and the signing of various public properties such as Twitter, GitHub etc. However, keybase.io has done some tremendous work making PGP more accessible and usable to the general public. Traditionally PGP was the domain of “serious computer people” of Linux nerds, hackers and encryption geeks. That means only someone who has my keyring and the associated pass code can decrypt the content that is encrypted with the public key. Private key: used for decrypting content, and generating signaturesĪs the name suggests, the private key is private - specifically, it’s stored on a Yubikey on my keyring.Public key: used for encrypting content, and verifying signatures.Without going too far into the details, I have a: Keybase is built on top of PGP, or “Pretty Good Privacy” is an encryption specification based on public-key cryptography. Take the content that starts BEGIN PGP MESSAGE and send it via a normal email.Enter a message that contains the credentials, and hit “encrypt”.Navigate to keybase.io/encrypt#andrewhowdencom.However, there’s a pattern I’ve hit on that I quite like: Keybase. Whatsapp / Signal work, but aren’t super good in a professional context.Slack/Hangouts/$ might be encrypted in transport, but not at rest and not exclusively to me and my partner.It turns out there are few ways to do this: These credentials need to be transferred in a way that only the person who is sending them and me, the recipient, are able to read those credentials. This means transferring the credentials that access these production systems - the same credentials that give access to critical user data. Generally speaking we take over projects that already exist, rather than designing them from the ground up. ![]() I work at a software agency, which means I and my colleagues build the software of third party companies to help them serve their users. This is a privileged position to be, and one that I take extremely seriously. Access ancillary systems to debug that software.Access and debug that software in a production environment.Edit the software that runs those systems.The phrase “bork fork” encrypted with my public keyĪs a software developer I need a level of access to business critical systems far beyond what normal users require. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |