Blackbox: Difference between revisions

From Omnia
Jump to navigation Jump to search
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Blackbox ==
https://github.com/StackExchange/blackbox
== Installation ==
git clone https://github.com/StackExchange/blackbox
cd blackbox
sudo make copy-install
Installs to /usr/local/bin


== Import keyring ==
== Import keyring ==
Line 45: Line 56:
     | grep -v "^pub" \
     | grep -v "^pub" \
     | grep -v "^--" \
     | grep -v "^--" \
    | sed 's/ //g' \
     | awk 'BEGIN { FS = "\n" } ; { print $1":6:" }' \
     | awk 'BEGIN { FS = "\n" } ; { print $1":6:" }' \
     | gpg --import-ownertrust
     | gpg --import-ownertrust
Line 50: Line 62:


ref: https://stackoverflow.com/questions/13116457/how-to-make-auto-trust-gpg-public-key
ref: https://stackoverflow.com/questions/13116457/how-to-make-auto-trust-gpg-public-key
== Email with multiple keys ==
<pre>
My team has found a workaround for now with this issue. We are putting the key ID in the admin file, and putting a comment on the same line with the user email.
Example:
ABC12345 # admin@admin.com
</pre>
ref: https://github.com/StackExchange/blackbox/issues/199
== Importing gpg ==
To trust your fellow admin:
gpg --edit-keys [ID]
  lsign
  save
== keywords ==

Latest revision as of 20:30, 21 August 2024

Blackbox

https://github.com/StackExchange/blackbox

Installation

git clone https://github.com/StackExchange/blackbox
cd blackbox
sudo make copy-install

Installs to /usr/local/bin

Import keyring

gpg2 --keyring keyrings/live/pubring.kbx  --export | gpg2 --import

or

gpg --keyring .blackbox/pubring.kbx --export | gpg --import
GPG=gpg2 blackbox_update_all_files

ref: https://github.com/StackExchange/blackbox/issues/184

Trust all keys

# The "-E" makes this work with both GNU sed and OS X sed
gpg --list-keys --fingerprint --with-colons |
  sed -E -n -e 's/^fpr:::::::::([0-9A-F]+):$/\1:6:/p' |
  gpg --import-ownertrust
gpg --export-ownertrust | sed 's/:.*/:5:/' | gpg --import-ownertrust
echo -e "5\ny\n" |  gpg --homedir . --command-fd 0 --expert --edit-key user@exaple.com trust;
gpg --import <user-id.keyfile>
fpr=`gpg --with-colons --fingerprint <user-id> |awk -F: '$1 == "fpr" {print$10; exit}'`
gpg --export-ownertrust && echo $fpr:6: |gpg --import-ownertrust

Trust last added key:

gpg --list-keys --fingerprint \
    | grep ^pub -A 1 \
    | tail -1 \
    | tr -d ' ' \
    | awk 'BEGIN { FS = "\n" } ; { print $1":6:" }' \
    | gpg --import-ownertrust

Trust all key: (my version of the above)

gpg --list-keys --fingerprint \
    | grep ^pub -A 1 \
    | grep -v "^pub" \
    | grep -v "^--" \
    | sed 's/ //g' \
    | awk 'BEGIN { FS = "\n" } ; { print $1":6:" }' \
    | gpg --import-ownertrust

ref: https://stackoverflow.com/questions/13116457/how-to-make-auto-trust-gpg-public-key

Email with multiple keys

My team has found a workaround for now with this issue. We are putting the key ID in the admin file, and putting a comment on the same line with the user email.

Example:

ABC12345 # admin@admin.com

ref: https://github.com/StackExchange/blackbox/issues/199

Importing gpg

To trust your fellow admin:

gpg --edit-keys [ID]
 lsign
 save

keywords