Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Admin Workstation setup instructions to use keys.openpgp.org #4586

Merged
merged 1 commit into from
Jul 3, 2019
Merged

Update Admin Workstation setup instructions to use keys.openpgp.org #4586

merged 1 commit into from
Jul 3, 2019

Conversation

eloquence
Copy link
Member

@eloquence eloquence commented Jul 3, 2019
edited
Loading

Includes instructions for importing the key from securedrop.org as a fallback (may be superseded by WKD fallback in future)

Status

Ready for review

Test plan

Test all modified or added commands in Tails 3.14.2 with an empty keyring, and ensure that they behave as described in the documentation.

  • I have done this myself using a Tails 3.14 VM

Description of Changes

Soldiering on towards #4128

Checklint

  • make docs-lint is not sad

@eloquence
Update Admin Workstation setup instructions to use keys.openpgp.org
6ebf31d 
Includes instructions for importing the key from securedrop.org
as a fallback (may be superseded by WKD fallback in future)
@eloquence eloquence force-pushed the docs-keys-dot-openpgp-dot-rodeo branch from 5cf5923 to 6ebf31d Compare July 3, 2019 05:52
@eloquence eloquence added the docs label Jul 3, 2019
eloquence
eloquence commented Jul 3, 2019
View reviewed changes
docs/set_up_admin_tails.rst

.. code:: sh

gpg --keyserver hkps://hkps.pool.sks-keyservers.net --recv-key "2224 5C81 E3BA EB41 38B3 6061 310F 5612 00F4 AD77"
cd ~/Persistent
torify curl -LO https://securedrop.org/securedrop-release-key.asc
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: This redirect has never been used before; I created it today (using Wagtail's redirect feature), as the official URL (https://securedrop.org/documents/10/securedrop-release-key.asc) is more difficult to type reliably, and subject to change if a new version is uploaded (in which case we'd have to redirect anyway, as we're doing from https://securedrop.org/documents/1/securedrop-release-key.asc). Happy to use an alternative approach if preferable.

eloquence
eloquence commented Jul 3, 2019
View reviewed changes
docs/set_up_admin_tails.rst
will implicitly verify that the fingerprint of the key received matches the
argument passed.
gpg --with-fingerprint --import-options import-show --dry-run \
--import securedrop-release-key.asc
Copy link
Member Author

@eloquence eloquence Jul 3, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The short version is gpg securedrop-release-key.asc, but that results in a warning ("gpg: WARNING: no command supplied. Trying to guess what you mean ..."), which suggests to me that we shouldn't rely on this guessing behavior. This same usage also appears in #4522.

kushaldas
kushaldas approved these changes Jul 3, 2019
View reviewed changes
Copy link
Contributor

@kushaldas kushaldas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested on my Tails VM. Approved. 🌈

@kushaldas kushaldas merged commit 3584f24 into develop Jul 3, 2019
@eloquence eloquence mentioned this pull request Jul 3, 2019
Merged
@redshiftzero redshiftzero mentioned this pull request Jul 5, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kushaldas kushaldas kushaldas approved these changes

@emkll emkll Awaiting requested review from emkll

@redshiftzero redshiftzero Awaiting requested review from redshiftzero

@zenmonkeykstop zenmonkeykstop Awaiting requested review from zenmonkeykstop

Assignees
No one assigned
Labels
docs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@eloquence @kushaldas