keys picture

PGP keys

In this article:

Those keys can be used to verify the downloaded files, signed email and messages, as well as contact me privately.

Get the key

My PGP key is available at the following locations:

All these files should contain the same set of keys. If one of them differ, something fishy is most likely occurring.

In most situations, fetching and importing my key should be something as simple as executing the following command:

gpg --search-keys whitewinterwolf

Note

In some environment, the port used by default to fetch PGP keys (HKP protocol on port TCP-11371) may not be available. In such cases switch to a server offering the port 80 instead:

gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --search-keys whitewinterwolf

Depending on your gpg configuration, this should list you the public keys matching the provided keyword on the SKS Keyservers. As for now, only a single set of keys matches: mine.

I encourage you to check the keys from at least to distinct sources to ensure its authenticity.

Key details

  • UID: WhiteWinterWolf <contact@whitewinterwolf.com>
  • Key ID: 0xDB4B188B00308E1C
  • Fingerprint: B45A CC0B 6E7A 732A EA5E 4A41 DB4B 188B 0030 8E1C
  • Validity period: created: 2017-12-05, expires: 2018-12-05
  • Type: RSA-4096 (more information).

How to check a downloaded file

Once my PGP key has been imported in your keyring, use the following command to check your downloaded file:

gpg --verify-options pka-lookups --verify tosig.sig tosign.txt

How to send an encrypted email

If you want to quickly be able to use encrypted or signed email without delving into technical details, follow the Email Self-Defense guide published by the Free Software Foundation. This is a practical step-by-step guide based on Thunderbird and the Enigmail plugin with an automated bot allowing you to train your newly acquired skills.

Thunderbird is available on Windows as well as on most common *nixes. Associated to the Enigmail plugin, this is the most common setup to send and receive PGP-protected emails.

To dig further

If you want to go further with PGP, I especially recommend you the following articles:

  • John Michael Ashley’s The GNU Privacy Handbook, hosted on the GnuPG project website, provides a first approach to GPG.

  • Debian Wiki article Using OpenPGP subkeys in Debian development provides procedures to create safer keys, notably through the use of subkeys.

  • Riseup’s OpenPGP Best Practices provides advices to get the most benefits from GPG. The same website also hosts other articles on GPG keys usage and life-cycle.

  • Also note that some systems offer a specific integration of PGP, such as Qubes OS’s Split GPG which allows to isolate the keyring from other applications and from the network in a somewhat similar way as a software-based HSM.

Popular tags see all

Website

Author

Follow