🏠 Go home.

New GPG Key

Published on

Please find attached my new GPG key as well as general identity information.

          I have rotated my keys due to ongoing issues with the way I structured my smartcard exports. As
          such, the new primary key for the following UIDs should be considered 0x7FF21B69A5FCE951

          - Ryan Rix <ry@n.rix.si>
          - Ryan Rix <ryan@whatthefuck.computer>
          - Ryan Rix <rrix@uber.com>

          This document is signed by both the old key and the new key to aid in verification. The previous key
          is not signing the new key due to the aforementioned Yubikey issues that have plagued me the last
          few months. What follows is general Biographical and Cryptoraphical information which you may use to
          verify this information

Feel free to download that file and verify both the old key and the new key:

          gpg2 --verify ~/org/new-key.txt
          gpg: Signature made Sun 11 Oct 2015 01:06:59 AM UTC
          gpg:                using RSA key 0x7FF21B69A5FCE951
          gpg: Good signature from "Ryan Rix <ryan@whatthefuck.computer>" [ultimate]
          gpg:                 aka "Ryan Rix <rrix@uber.com>" [ultimate]
          gpg:                 aka "Ryan Rix <ry@n.rix.si>" [ultimate]
          gpg: Signature made Sun 11 Oct 2015 01:07:32 AM UTC
          gpg:                using RSA key 0xE5DB00A8DB1B5346
          gpg: Good signature from "UberEng <rrix@uber.com>" [ultimate]
          gpg:                 aka "Ryan Rix <ry@n.rix.si>" [ultimate]

Also, if anyone wants to help me figure out why my old key can't sign, that'd be greaaaat.

          bash-4.3$ gpg2 --list-keys 24c87ae0
          Keyring: /home/rrix/.gnupg/pubring.kbx
          pub   dsa3072/0x67F784B924C87AE0 2012-12-31 [expires: 2017-12-30]
          uid                   [ultimate] UberEng <rrix@uber.com>
          uid                   [ultimate] Ryan Rix <ry@n.rix.si>
          sub   rsa2048/0xE5DB00A8DB1B5346 2014-11-24 [expires: 2015-11-24]
          sub   rsa2048/0x08D32BE430DCAF7B 2014-11-24 [expires: 2015-11-24]

          bash-4.3$ gpg2 --card-status
          Application ID ...: D2760001240102000006030146700000
          Version ..........: 2.0
          Manufacturer .....: Yubico
          Serial number ....: 03014670
          Name of cardholder: Ryan Rix
          Language prefs ...: en
          Sex ..............: male
          URL of public key : https://pgp.mit.edu/pks/lookup?op=get&search=0x67F784B924C87AE0
          Login data .......: rrix
          Signature PIN ....: forced
          Key attributes ...: rsa2048 rsa2048 rsa2048
          Max. PIN lengths .: 127 127 127
          PIN retry counter : 3 3 3
          Signature counter : 2
          Signature key ....: E494 3940 302E 546A 2ADA  A0E8 4AD7 8DC7 5044 6D97
          created ....: 2015-06-04 04:40:25
          Encryption key....: ABB6 736F A507 64F3 7ABB  7DF3 08D3 2BE4 30DC AF7B
          created ....: 2014-11-24 07:45:41
          Authentication key: 2823 270A 100C 2D85 58A1  4CB6 E5DB 00A8 DB1B 5346
          created ....: 2014-11-24 07:45:30
          General key info..: [none]

I am fairly certain that using 0x50446D97 as the Signing key in the Yubikey is causing it to (rightfully) refuse to sign as 0x24C87AE0, but it'd be nice to have confirmation of that.

This new key is nicely backed up in cold storage so hopefully this can't happen in the future. 🙏

Respond to this note:

Ryan Rix is a privacy rights advocate and net-art wannabe. Reach them on the Fediverse as @rrix@cybre.space, twitter as @rrrrrrrix, via email to ryan@whatthefuck.computer or on Facebook or on Matrix as @rrix:whatthefuck.computer.