Follow

Linux related stuff
- ArchLinux
- AUR
- Gentoo
- Setup your laptop with panic functions

Encryption
- GPG
- Certificates
- cryptsetup with LUKS
- tinc VPN

LinageOS
- Setting it up
- Doing some automation

Music
- Piano without scores

@bandie Maybe you can help me with that:

I have a gpg key with 3 sub keys (one for each type, signing, encryption, authentication)

If somebody encrypts something for me, which key do I need to decrypt that file then?

I have exported them with: —export-secret-keys <email id> and —export-secret-subkeys <email id>.

@bandie If I now for example want to use `pass` on a new computer, can I simply import the subkey file and it should work. Also as far as I understand, I can only do stuff with the whole chain with the exported keys file, so if that Pc doesnt have it, it can’t add new keys, right?

@lyze For decryption you use the [E] subkey.

I never used pass. Usually you should be okay with the specific subkey you really need. But maybe pass uses [A] for something? *shrugs*

@bandie Aha, and I can use whatever encryption key?
Like I revoked my old E key and generated a new one, but I can still decrypt everything normally. Seems a bit weird to me?

@lyze
It is because your new E key has been signed by the C key (Certify).

@lyze Remember uploading your new key changes. After a while you also should tell others to
gpg --refresh-keys

Sign in to participate in the conversation
chaos.social

chaos.social - because anarchy is much more fun with friends.
chaos.social is a small Mastodon instance for and by the Chaos community surrounding the Chaos Computer Club. We provide a small community space - Be excellent to each other, and have a look at what that means around here.
Follow @ordnung for low-traffic instance-related updates.
The primary instance languages are German and English.