asmir/project-cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: asmir:b455eaa882225d6cd80be3dcf296b701fb8f4d96
Branches Tags
asmir:master
...
compare: asmir:master
Branches Tags
asmir:master

13 Commits
b455eaa882 ... master

Author SHA1 Message Date
Asmir A
eab712e421 config: disable /cloud/ link 2024-10-16 13:14:49 +02:00
Asmir A
ad6af66a61 goatcounter: add script tag to index.html 2024-01-21 21:52:06 +01:00
Asmir A
88ce25f6b4 avatar: change color tone to be visible with dark theme 2023-11-17 20:16:39 +01:00
Asmir A
be545b5225 add description 2023-11-15 23:33:27 +01:00
Asmir A
7b4ff3bad1 add title 2023-11-15 23:28:22 +01:00
Asmir A
76240e342c avatart convert from png to webp 2023-11-15 23:17:50 +01:00
Asmir A
8f378c2237 enable search 2023-11-15 22:56:26 +01:00
Asmir A
59fe04e1df add taxonomies 2023-11-15 22:56:10 +01:00
Asmir A
c2e5fad0ec enable tac within post 2023-11-15 22:06:56 +01:00
Asmir A
72ed4edcfe enable katex 2023-11-15 22:04:06 +01:00
Asmir A
086a0f8f71 enable toc 2023-11-15 22:02:11 +01:00
Asmir A
6873fb66dd remove wip from index 2023-11-15 21:06:41 +01:00
Asmir A
c30b26808b finish post abput gpg public key 2023-11-15 21:06:25 +01:00
7 changed files with 100 additions and 17 deletions
Expand all files Collapse all files

24
config.toml
View File

@@ -1,27 +1,41 @@
# The URL the site will be built for
base_url = "https://project-cloud.net"
title = "project-cloud"
description = "Cloud and blog platform for personal and consulting projects."
# Whether to automatically compile all Sass files in the sass directory
compile_sass = true
# Whether to build a search index to be used later on by a JavaScript library
build_search_index = false
build_search_index = true
theme = "DeepThought"
minify_html = true
taxonomies = [
{ name = "categories", feed = true, paginate_by = 10 },
{ name = "tags", feed = true, paginate_by = 10 },
]
[search]
include_title = true
include_description = false
include_path = false
include_content = true
[markdown]
highlight_code = true
[extra]
list_pages = true
toc = true
katex.enabled = true
katex.auto_render = true
navbar_items = [
{ code = "en", nav_items = [
{ url = "/", name = "/home/"},
{ url = "/posts", name = "/posts/"},
{ url = "https://git.project-cloud.net", name = "/git/"},
{ url = "https://cloud.project-cloud.net", name = "/cloud/"}
#{ url = "https://cloud.project-cloud.net", name = "/cloud/"}
]},
]
@@ -30,4 +44,4 @@ navbar_items = [
# Author details
[extra.author]
name = "Asmir Abdulahovic"
avatar = "/images/my_avatar.png"
avatar = "images/my_avatar.webp"

3
content/_index.md
View File

@@ -3,9 +3,6 @@ title = "project cloud"
description = "Cloud and blog platform for personal and consulting projects."
+++
## Public Key
WP
## Contact
- Email: [asmir.abdulahovic@gmail.com](mailto:asmir.abdulahovic@gmail.com)

88
content/posts/2023-11-15-using_gpg_public_key.md
View File

@@ -1,25 +1,95 @@
+++
title = "Using GPG Public Key"
[taxonomies]
tags = ["gpg", "encryption"]
[extra]
toc = true
comments = false
+++
GNU Privacy Guart (GPG) is an pupular two factor encrytpion system often used for signing or encrypting emails, files or even git commits.
This post foruces on using provided public key to check signature validity for files signed using complementary public key.
GNU Privacy Guard (GPG) is an popular two factor encryption system often used for signing or encrypting emails, files or even git commits.
This post focuses on using provided public key to check signature validity for files signed using complementary public key.
## Install GPG
On Linux it's found in nearly all distributions with package name of either gpg or gpg2. If both are present and gpg is not an
alias to gpg2 please use gpg2.
On Windows besides using WSL there is native GPG distribution named gpg4win.
## Importing Key
One way to keep prublic keys is by using a keyserver such as _hkps://keyserver.ubuntu.com_.
To import key with ID **3BDD542C9B0BE180D5802DFF020C42B7A9ABA3E2** from _hkps://keyserver.ubuntu.com_ keyserver
One way to keep public keys is by using a keyserver such as _hkps://keyserver.ubuntu.com_ or _hkp://pgp.mit.edu_.
To import key with ID _3BDD542C9B0BE180D5802DFF020C42B7A9ABA3E2_ from **hkps://keyserver.ubuntu.com** keyserver
issue command:
```bash
$ gpg2 --keyserver hkps://keyserver.ubuntu.com --recv-key 3BDD542C9B0BE180D5802DFF020C42B7A9ABA3E2
```
Output of the command above will look like:
```
gpg: /home/akill/.gnupg/trustdb.gpg: trustdb created
gpg: key 020C42B7A9ABA3E2: public key "Asmir A (new key 300523) <asmir.abdulahovic@gmail.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
```
It's also possible to use "short" ID by using only the last 8 digits of hexadecimal
ID representation, in our case **A9ABA3E2** - but it's discourages because of possible ID collisions.
ID representation, in our case _A9ABA3E2_ - but it's discouraged because of possible ID collisions.
To search and import a key using email, example _asmir.abdulahovic@gmail.com_ issue command:
```bash
$ gpg2 --keyserver hkps://keyserver.ubuntu.com \
--search-keys "asmir.abdulahovic@gmail.com"
$ gpg2 --keyserver hkps://keyserver.ubuntu.com --search-keys "asmir.abdulahovic@gmail.com"
```
Note **hkps** protocol selection acts simmilary as **https** for **http**,
prefferably use it to avoid **MITM** and other attacks.
Note _hkps_ protocol selection acts similarly as _https_ for _http_,
preferably use it to avoid _MITM_ and other attacks.
## Verify Signature
After successfully importing the public key it's possible to verify signature of a
given file by issuing following command:
```bash
$ gpg2 --verify my_file.png.asc
```
Please notice .asc extension in the command above.
It's a result of using gpg to attach the signature at the end of the file while both file and signature are
represented in ASCII format.
It's, however, possible to compress the file and add signature in binary format.
In that case it's conventional practise is to use .gpg extension.
So in previous case file would be named _my_file.png.gpg_.
Verifying it would be identical to .asc file.
After verifying we still need original file. To extract it use:
```bash
$ gpg2 --out my_file.png --decrypt my_file.png.asc
```
Interestingly for files like .pdf which ignore data appended to the end of the file it's possible to attach
a signature and use resulting file as normal .pdf while being able to check the same signature.
More on that in other post.
## Export Key
Simply issue:
```
$ gpg2 --export --armor <KEY_ID>
```
Lastly I'll attach my public key, output of the command above, here which
can also be found in about/ section of this site.
```
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZHZDwBYJKwYBBAHaRw8BAQdAPTwI6nfqQ+DtOgyGnwh2Z/rHmeIaw48Cj1ac
r7siWg60NkFzbWlyIEEgKG5ldyBrZXkgMzAwNTIzKSA8YXNtaXIuYWJkdWxhaG92
aWNAZ21haWwuY29tPoiTBBMWCgA7FiEEO91ULJsL4YDVgC3/AgxCt6mro+IFAmR2
Q8ACGwMFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQAgxCt6mro+LMfgD/
a1FeF7N7CxwCne8jD/4wPTCgNvo8JDLYIugd+b3w4fEA/Az6BIxa/s1Nf2fZmI9C
mvuMi9GztilFtCT+gHTtkAIPuDgEZHZDwBIKKwYBBAGXVQEFAQEHQE2Jm31r9Nv4
1H5HFOeIHwrUE09XuL/CzQE3WcXviq0hAwEIB4h4BBgWCgAgFiEEO91ULJsL4YDV
gC3/AgxCt6mro+IFAmR2Q8ACGwwACgkQAgxCt6mro+KfqgD9HrUJdZ2Y6cvcYyt/
yMoxPvGKDCYo4Pys9Qi3M1oKKUMBAMJ4Dt6xjWyZIrNDjXmJhm4Qap9CAo0+SPM1
BudaRLwI
=nRnt
-----END PGP PUBLIC KEY BLOCK-----
```

1
flake.nix
View File

@@ -39,6 +39,7 @@
installPhase = ''
mkdir $out
cp -r public/ $out/
cat goatcounter.url >> $out/public/index.html
'';
};
in {

1
goatcounter.url Normal file
View File

@@ -0,0 +1 @@
<script data-goatcounter="https://stats.project-cloud.net/count" async src="//stats.project-cloud.net/count.js"></script>

BIN
static/images/my_avatar.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 11 KiB

BIN
static/images/my_avatar.webp Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 8.8 KiB