Helm/Sign: Difference between revisions

Revision as of 01:01, 27 June 2025

cat <<'EXE'| sudo bash
apt-get update;echo
mkdir -p /etc/apt/keyrings
apt list -a --upgradable;apt-get upgrade -y;echo
apt-get install -y apt-transport-https ca-certificates gnupg && apt-get clean
EXE

GnuPG » Batch » Config

export GPG_TTY=$(tty)
mkdir -p ${HOME}/.config/gnupg
echo -n 'Password: ';read -s PASSPHRASE;export PASSPHRASE;echo
# Password: sadaqah!

cat << CFG | tee ${HOME}/.config/gnupg/chorke.conf >/dev/null
%echo Generating a GPG key
Key-Type: RSA
Key-Length: 3072
Subkey-Type: RSA
Subkey-Length: 3072
Name-Real: Chorke Academia, Inc
Name-Email: info@chorke.org
Expire-Date: 1y
Passphrase: ${PASSPHRASE}
%commit
%echo Done
CFG

GnuPG » Generate » Keys

export GPG_TTY=$(tty)
echo -n 'Password: ';read -s PASSPHRASE;export PASSPHRASE;echo
# Password: sadaqah!

gpg --batch --generate-key ${HOME}/.config/gnupg/chorke.conf
gpg --output ${HOME}/.config/gnupg/chorke.asc --armor --export info@chorke.org
gpg --batch --yes --pinentry-mode loopback --passphrase ${PASSPHRASE} --output ${HOME}/.config/gnupg/chorke.key --armor --export-secret-key info@chorke.org

GnuPG » Key » Terminology

Key » Terminology
Field	Value	Meaning
Key ID	`A1349F92` (last 8 chars of fingerprint)	Short key ID
Long Key ID	`75D4D308A1349F92` (last 16 chars)	Long key ID
Fingerprint	`C9C2EDE5CBCF39BF574B0B3175D4D308A1349F92`	Full 40-char key fingerprint
Email/UID	`info@chorke.org`	Used to reference key

Key » How to Use
Use Case	Recommended Key Reference
Helm chart signing	`C9C2EDE5CBCF39BF574B0B3175D4D308A1349F92` (fingerprint)
GPG signing	`info@chorke.org` or `A1349F92`
Export key	`gpg --export A1349F92` or full fingerprint
Trust/verify (CI/CD)	Prefer full fingerprint to avoid collision risks

Playground

cat <<'CFG'| tee -a ${HOME}/.gnupg/gpg.conf >/dev/null
use-agent
pinentry-mode loopback
CFG

cat <<'CFG'| tee -a ${HOME}/.gnupg/gpg-agent.conf >/dev/null

allow-loopback-pinentry
CFG

gpgconf --kill gpg-agent
        file ${HOME}/.config/gnupg/chorke.asc
        file ${HOME}/.config/gnupg/chorke.key
gpg --import ${HOME}/.config/gnupg/chorke.key

References

Helm » Provenance Helm » Package Helm

Security » HTTP » Basic Authentication Security » OpenLDAP » BackSQL Security » Certificate » TLS Security » Certificate Security » Password Security » ZA Proxy Security » Domain Security » Spring Security » HTTP Security » Java	Security » SSH » Public Key Authentication Security » Container » Cosign Security » Container » Trivy Security » Container » Snyk

Kubernetes Multipass Minikube Podman Vagrant Docker Qemu Helm K9s K8s	LXC » Alpine » Apache » PHP LXC » Alpine » Nginx » PHP LXC » Logrotate » Redhat Terraform Proxmox Kubectl Ansible CIDR UFW LXC	PostgreSQL » PgBouncer PostgreSQL » PgLoader Docker/Compose/SFTP PostgreSQL Git

@@ Line 59: / Line 59: @@
 |-
 | '''Email/UID'''      || <code>info@chorke.org</code>                                               || Used to reference key
+|}
+----
+{|class='wikitable mw-collapsible'
+!scope='col' style='width:800px' colspan='2'|
+'''Key »  How to Use'''
+|-
+!scope="col" style='width:200px'| Use Case
+!scope="col" style='width:500px'| Recommended Key Reference
+|-
+| Helm chart signing   || <code>C9C2EDE5CBCF39BF574B0B3175D4D308A1349F92</code> (fingerprint)
+|-
+| GPG signing          || <code>info@chorke.org</code> or <code>A1349F92</code>
+|-
+| Export key           || <code>gpg --export A1349F92</code> or full fingerprint
+|-
+| Trust/verify (CI/CD) || Prefer '''full fingerprint''' to avoid collision risks
 |}

Helm/Sign: Difference between revisions

Revision as of 01:01, 27 June 2025

Contents

GnuPG » Batch » Config

GnuPG » Generate » Keys

GnuPG » Key » Terminology

Playground

References

Navigation menu

Helm/Sign: Difference between revisions

Revision as of 01:01, 27 June 2025

GnuPG » Batch » Config

GnuPG » Generate » Keys

GnuPG » Key » Terminology

Playground

References

Navigation menu

Search