Open bgpugh opened 10 years ago
Although this would be pretty cool, to my knowledge keybase
does not support keys which have no password. So even if this were to be implemented, you'd need to remember three passwords. One for your keybase
account which needs to be 12 characters, one as the password for the actual exported key, and one for the import of the exported key (which ideally would need to be different for security). So it get's pretty complicated at that point.
When you perform the import command, you're prompted for the password you entered during the export. There would only be two passwords needed. Workflow would be:
Upload:
1) Sign in using keybase login
2) Push key: keybase push
2a) Key is exported: gpg --export-secret-keys --armor KEY_ID
2b) Key is symmetrically encrypted and user is prompted for passcode: gpg --sign --symmetric --cipher-algo AES256 > seckey.gpg
2c) Exported/encrypted key is uploaded to the server (seckey.gpg)
Download:
1) Sign in using keybase login
2) Pull key: keybase pull
2a) Symmetrically encrypted key is fetched from server (seckey.gpg)
2b) User is prompted for password used when exporting key (gpg --decrypt seckey.gpg
)
2c) Key is imported (gpg --allow-secret-key-import --import
)
Ahh, I see! Sounds like it could work wonders.
From what I can tell, keybase is already doing this with triplesec(?) which is why you create a secret key password when uploading it. Doing it this way would allow the user to use encryption-standard methods that they could follow manually (like "hardcore mode" as provided during proofs) as well as provide transparency for a pretty abnormal operation in the PKI world
I'm not sure if this is a documentation issue or implementation. If I'm uploading my secret key, it sounds as if it's encrypted but it's pretty opaque and not verifiable by the user. This is good for my parents but possibly frightening for the tinfoil hat crowd.
Is it not possible to upload a symmetrically encrypted private key and not provide any password whatsoever to keybase? Something like:
gpg --export-secret-keys -a EF8FEBC949B9D15057F6D636102C7B498133F0FD | gpg --sign --symmetric --cipher-algo your_fav_cypher_here > seckey.gpg
From the receiving client, you would wind up with a symmetrically encrypted blob that the user would have to decode before import:
gpg --decrypt seckey.gpg | gpg --allow-secret-key-import --import
Both of these steps should be automatable enough to do through the client and understandable enough for a user to copy/paste for a "hardcore mode" transfer.