Ubuntu needs to get off of the dime and fix their encryption packages.
I've been using Keybase and have been happy with it. I recently acquired a GnuPG smart card (v2.1). The problem that I ran into was that I could not transfer my existing keys to the card because they're 2048-bit. The current gpg and gpg2 tools refuse to upload anything larger than 1024-bit keys (though v2.1 of the card can handle them).
The work-around appears to be generating the keys on the card (e.g., "gpg2 --card-edit" followed by "generate"). Short version: I had to generate new keys. The problem with this is that you basically have to destroy and rebuild your Keybase profile. I spent about an hour doing this (pushing the public key to Keybase, re-validating all of my sites, updating keys on other servers, etc.).
Everything appears normal (fingers crossed).
No comments:
Post a Comment