Skip to content

Update Admin Workstation setup instructions to use keys.openpgp.org#4586

Merged
kushaldas merged 1 commit intodevelopfrom
docs-keys-dot-openpgp-dot-rodeo
Jul 3, 2019
Merged

Update Admin Workstation setup instructions to use keys.openpgp.org#4586
kushaldas merged 1 commit intodevelopfrom
docs-keys-dot-openpgp-dot-rodeo

Conversation

@eloquence
Copy link
Contributor

@eloquence eloquence commented Jul 3, 2019
edited
Loading

Includes instructions for importing the key from securedrop.org as a fallback (may be superseded by WKD fallback in future)

Status

Ready for review

Test plan

Test all modified or added commands in Tails 3.14.2 with an empty keyring, and ensure that they behave as described in the documentation.

  • I have done this myself using a Tails 3.14 VM

Description of Changes

Soldiering on towards #4128

Checklint

  • make docs-lint is not sad

@eloquence
Update Admin Workstation setup instructions to use keys.openpgp.org
6ebf31d 
Includes instructions for importing the key from securedrop.org
as a fallback (may be superseded by WKD fallback in future)
@eloquence eloquence force-pushed the docs-keys-dot-openpgp-dot-rodeo branch from 5cf5923 to 6ebf31d Compare July 3, 2019 05:52
@eloquence eloquence added the docs label Jul 3, 2019
eloquence
eloquence commented Jul 3, 2019
View reviewed changes
docs/set_up_admin_tails.rst

gpg --keyserver hkps://hkps.pool.sks-keyservers.net --recv-key "2224 5C81 E3BA EB41 38B3 6061 310F 5612 00F4 AD77"
cd ~/Persistent
torify curl -LO https://securedrop.org/securedrop-release-key.asc
Copy link
Contributor Author

@eloquence eloquence Jul 3, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: This redirect has never been used before; I created it today (using Wagtail's redirect feature), as the official URL (https://securedrop.org/documents/10/securedrop-release-key.asc) is more difficult to type reliably, and subject to change if a new version is uploaded (in which case we'd have to redirect anyway, as we're doing from https://securedrop.org/documents/1/securedrop-release-key.asc). Happy to use an alternative approach if preferable.

eloquence
eloquence commented Jul 3, 2019
View reviewed changes
docs/set_up_admin_tails.rst
will implicitly verify that the fingerprint of the key received matches the
argument passed.
gpg --with-fingerprint --import-options import-show --dry-run \
--import securedrop-release-key.asc
Copy link
Contributor Author

@eloquence eloquence Jul 3, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The short version is gpg securedrop-release-key.asc, but that results in a warning ("gpg: WARNING: no command supplied. Trying to guess what you mean ..."), which suggests to me that we shouldn't rely on this guessing behavior. This same usage also appears in #4522.

kushaldas
kushaldas approved these changes Jul 3, 2019
View reviewed changes
Copy link
Contributor

@kushaldas kushaldas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested on my Tails VM. Approved. 🌈

@kushaldas kushaldas merged commit 3584f24 into develop Jul 3, 2019
@eloquence eloquence mentioned this pull request Jul 3, 2019
Merged
@redshiftzero redshiftzero mentioned this pull request Jul 5, 2019
Closed
@legoktm legoktm deleted the docs-keys-dot-openpgp-dot-rodeo branch January 9, 2025 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@emkll emkll Awaiting requested review from emkll

@redshiftzero redshiftzero Awaiting requested review from redshiftzero

@zenmonkeykstop zenmonkeykstop Awaiting requested review from zenmonkeykstop

1 more reviewer

@kushaldas kushaldas kushaldas approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

docs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@eloquence @kushaldas