GPG Credential Sharing
GnuPG Encryption
You will require API credentials to access our APIs which will be sent to you through a secure messaging channel.
We will use the OpenPGP (Pretty Good Privacy) https://gnupg.org/ part of the GNU Privacy Guard (GnuPG). This is a tool to provide digital encryption and signing services using the OpenPGP standard. GnuPG features complete key management and all the bells and whistles you would expect from a full OpenPGP implementation.
Installation
Install GPG from an official source: or via your operating systems package manager:
- https://gnupg.org/download/index.html
brew install gnupg
on Mac if homebrew is installedsudo apt install gpg
on Debian and Ubuntu-based systems
How to use GPG
Generate a key pair
- Generate a keypair with
gpg --full-generate-key
. - Select
(9) ECC (sign and encrypt) *default*
- Choose
(1) Curve 25519 *default*
- Choose any suitable expiry time that suits you.
- Follow the terminal wizard including adding your Name, Email and entering a suitable password to unlock the key.
Exporting your Public Key
- List all your keys
gpg --list-secret-keys
-------------------------------------
sec ed25519/238CCA9EC4DAA5D7 2022-01-26 [SC] [expires: 2024-01-26]
AA920F660CAA80EF7AFEA463238CCA9EC4DAA5D7
uid [ultimate] user (First key made) <[email protected]>
ssb cv25519/33A8AFDC6C129D37 2022-01-26 [E] [expires: 2024-01-26]
- Get the public key for sharing using the key identifier.
gpg --armor --export KEY_ID
gpg --armor --export 33A8AFDC6C129D37
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEYpgcdxYJKwYBBAHaRw8BAQdAU4aj0ds4/1wFmzOGLEVgCK4T2sImTnf+crCn
yELuK6S0MENocmlzIEJhcmxvdyAoQ2hyaXMgQmFybG93KSA8Y2hyaXNAaW9maW5u
ZXQuY29tPoiTBBMWCgA7FiEECiSgo16foHstBVfPoPbCGahirJUFAmKYHHcCGwMF
CwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQoPbCGahirJWYCwEAuo3dCEOO
penIMCumspnjQalIk1wlbBKKGtJl3Ak8dREA/1p6CDSXPiCugV25HsR2e7r6py+t
sdi0yj+UnDxsQVUMuDgEYpgcdxIKKwYBBAGXVQEFAQEHQIlnotXHE3Z0/XRAE1hR
Wl2b7DmpjsFUEEA4WSlaQVlLAwEIB4h4BBgWCgAgFiEECiSgo16foHstBVfPoPbC
GahirJUFAmKYHHcCGwwACgkQoPbCGahirJWnwwD+LN99TWXeBQp+Nn+qAGABrgK5
PUnz8ppb+Y9pL2sfST0BAN+KoG/tD6uGqaCdkEoKto/rbvSDB6/E5AtX+l9Sl9QG
=yvbs
-----END PGP PUBLIC KEY BLOCK-----
- Copy the key into a file including the header and footer and send it via your preferred communication channel.
Decrypting a payload
-
When you recieve the encrypted file form us, save the file to your local machine.
-
Use the command
gpg --decrypt --output decrypted_file encrypted_secrets_file.gpg
-
Open the file
decrypted_file
with a text editor to see your plain text secrets. Ensure decrypted files are securely deleted once they are no longer needed.
Support
For support, reach out to your technical support channels.
Updated 3 months ago