Computer :(

/home/rrix:blog:tags:cgit:rss

New GPG Key

Please find attached my new GPG key as well as general identity information.

I have rotated my keys due to ongoing issues with the way I structured my smartcard exports. As
such, the new primary key for the following UIDs should be considered 0x7FF21B69A5FCE951

 - Ryan Rix <ry@n.rix.si>
 - Ryan Rix <ryan@whatthefuck.computer>
 - Ryan Rix <rrix@uber.com>

This document is signed by both the old key and the new key to aid in verification. The previous key
is not signing the new key due to the aforementioned Yubikey issues that have plagued me the last
few months. What follows is general Biographical and Cryptoraphical information which you may use to
verify this information

Feel free to download that file and verify both the old key and the new key:

gpg2 --verify ~/org/new-key.txt
gpg: Signature made Sun 11 Oct 2015 01:06:59 AM UTC
gpg:                using RSA key 0x7FF21B69A5FCE951
gpg: Good signature from "Ryan Rix <ryan@whatthefuck.computer>" [ultimate]
gpg:                 aka "Ryan Rix <rrix@uber.com>" [ultimate]
gpg:                 aka "Ryan Rix <ry@n.rix.si>" [ultimate]
gpg: Signature made Sun 11 Oct 2015 01:07:32 AM UTC
gpg:                using RSA key 0xE5DB00A8DB1B5346
gpg: Good signature from "UberEng <rrix@uber.com>" [ultimate]
gpg:                 aka "Ryan Rix <ry@n.rix.si>" [ultimate]

Also, if anyone wants to help me figure out why my old key can't sign, that'd be greaaaat.

bash-4.3$ gpg2 --list-keys 24c87ae0
Keyring: /home/rrix/.gnupg/pubring.kbx
--------------------------------------
pub   dsa3072/0x67F784B924C87AE0 2012-12-31 [expires: 2017-12-30]
uid                   [ultimate] UberEng <rrix@uber.com>
uid                   [ultimate] Ryan Rix <ry@n.rix.si>
sub   rsa2048/0xE5DB00A8DB1B5346 2014-11-24 [expires: 2015-11-24]
sub   rsa2048/0x08D32BE430DCAF7B 2014-11-24 [expires: 2015-11-24]

bash-4.3$ gpg2 --card-status
Application ID ...: D2760001240102000006030146700000
Version ..........: 2.0
Manufacturer .....: Yubico
Serial number ....: 03014670
Name of cardholder: Ryan Rix
Language prefs ...: en
Sex ..............: male
URL of public key : https://pgp.mit.edu/pks/lookup?op=get&search=0x67F784B924C87AE0
Login data .......: rrix
Signature PIN ....: forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 3 3
Signature counter : 2
Signature key ....: E494 3940 302E 546A 2ADA  A0E8 4AD7 8DC7 5044 6D97
      created ....: 2015-06-04 04:40:25
Encryption key....: ABB6 736F A507 64F3 7ABB  7DF3 08D3 2BE4 30DC AF7B
      created ....: 2014-11-24 07:45:41
Authentication key: 2823 270A 100C 2D85 58A1  4CB6 E5DB 00A8 DB1B 5346
      created ....: 2014-11-24 07:45:30
General key info..: [none]

I am fairly certain that using 0x50446D97 as the Signing key in the Yubikey is causing it to (rightfully) refuse to sign as 0x24C87AE0, but it'd be nice to have confirmation of that.

This new key is nicely backed up in cold storage so hopefully this can't happen in the future. 🙏