diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes deleted file mode 100644 index 665b10e..0000000 --- a/.git-crypt/.gitattributes +++ /dev/null @@ -1,4 +0,0 @@ -# Do not edit this file. To specify the files to encrypt, create your own -# .gitattributes file in the directory where your files are. -* !filter !diff -*.gpg binary diff --git a/.git-crypt/keys/default/0/AF6A8929FDBAD915B69065400908F4B4DB72C73D.gpg b/.git-crypt/keys/default/0/AF6A8929FDBAD915B69065400908F4B4DB72C73D.gpg deleted file mode 100644 index 52c4ede..0000000 Binary files a/.git-crypt/keys/default/0/AF6A8929FDBAD915B69065400908F4B4DB72C73D.gpg and /dev/null differ diff --git a/.git-crypt/keys/default/0/B4B6203BEFAB54034918F2E0A68297986D710740.gpg b/.git-crypt/keys/default/0/B4B6203BEFAB54034918F2E0A68297986D710740.gpg deleted file mode 100644 index 74a5df9..0000000 Binary files a/.git-crypt/keys/default/0/B4B6203BEFAB54034918F2E0A68297986D710740.gpg and /dev/null differ diff --git a/.git-crypt/keys/default/0/BED465025664C2BF8209F1E5073C16CD71F334CC.gpg b/.git-crypt/keys/default/0/BED465025664C2BF8209F1E5073C16CD71F334CC.gpg deleted file mode 100644 index 5095b2f..0000000 Binary files a/.git-crypt/keys/default/0/BED465025664C2BF8209F1E5073C16CD71F334CC.gpg and /dev/null differ diff --git a/.git-crypt/keys/default/0/F1F3466458452B2DF351F1E864D12BA95ACE1F2D.gpg b/.git-crypt/keys/default/0/F1F3466458452B2DF351F1E864D12BA95ACE1F2D.gpg deleted file mode 100644 index d35bb40..0000000 Binary files a/.git-crypt/keys/default/0/F1F3466458452B2DF351F1E864D12BA95ACE1F2D.gpg and /dev/null differ diff --git a/.gitattributes b/.gitattributes deleted file mode 100644 index a47d6ed..0000000 --- a/.gitattributes +++ /dev/null @@ -1 +0,0 @@ -**/*.key filter=git-crypt diff=git-crypt diff --git a/flake.nix b/flake.nix index 5e301c6..708ffac 100644 --- a/flake.nix +++ b/flake.nix @@ -72,9 +72,6 @@ just age sops - git - git-crypt - gnupg ]; }; }; diff --git a/system/keys/desktop/ssh.pub.key b/system/keys/desktop/ssh.pub.key index ffbc68a..4604ca9 100644 Binary files a/system/keys/desktop/ssh.pub.key and b/system/keys/desktop/ssh.pub.key differ diff --git a/user/home.nix b/user/home.nix index ebf57f0..6b93564 100644 --- a/user/home.nix +++ b/user/home.nix @@ -5,6 +5,7 @@ let pass-audit pass-otp pass-update + pass-tomb ]); in diff --git a/user/keys/age/README.md b/user/keys/age/README.md new file mode 100644 index 0000000..92284a8 --- /dev/null +++ b/user/keys/age/README.md @@ -0,0 +1,3 @@ +# Age Keys + +yubikey.pub.key - Cold storage backup for age encryption diff --git a/user/keys/age/yubikey.pub.key b/user/keys/age/yubikey.pub.key index 026c9a8..559bc52 100644 Binary files a/user/keys/age/yubikey.pub.key and b/user/keys/age/yubikey.pub.key differ diff --git a/user/keys/pgp/README.md b/user/keys/pgp/README.md new file mode 100644 index 0000000..50fb051 --- /dev/null +++ b/user/keys/pgp/README.md @@ -0,0 +1,5 @@ +# PGP Keys + +yubikey.pub.key - +work.pub.key -> bryan.ramos@concurrent-rt.com +ccur.pub.key -> ? diff --git a/user/keys/pgp/ccur.pub.key b/user/keys/pgp/ccur.pub.key new file mode 100755 index 0000000..3ddf45c --- /dev/null +++ b/user/keys/pgp/ccur.pub.key @@ -0,0 +1,53 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1 + +mQINBGM8ZXIBEADD3ZTfTFYRtkgH4Mtjy5sxe3Z+3xqxtZFQUg1dFuvPHdQFrNCB +hbmEnMeyDC2FK92OLnYdnfO+evRg4V3AJSl0dyBM1m9bgSuuIw7b9ni3yYVbh4zg +BK0Dcj6E+zGrGMsPje08O+NdOh5pJLfY2Xra9LBGteN7Ck+NnDAwBhE4/0tdm5Y3 +bjvKyq3HelpTYLQFiwi2lFCXMEEUeGM3bAUWUEXZn5g8FbFm9Y9KMKivHsNvSFnd +7U3WZg9K1uDMV8+xA/+nxd7CqI03oafxEUlW48a0Z1nowzEbG22OOw0I78FtrqTj +PSKBlIJHYBEF/x0UMfeJnbnR89jJZihPzLRCpSzuMiX4NF39S1nnmpjcn+vwgngE +NIxPBXh4fOdBzvplgS/iaS/wxkoMcXgRe4qMVp/jQzE19XzxUkHcWFxUeG4L0gDJ +77STrDDpIBExkd2EAz1AtxRfuW1PD94uHex3ar41GfU088sYO1pmzwEl5h9ep/Zr +oHLfwb61h85V4+5tw+cFzOa1iA/Rgh/qOCVKrU/A9aibxDh1/x54wo7nwkCuIbjA +W/3wiNiQn9a/GRBoIoSwdpdd90RAxINhXiVqhzkCtQskeCrOiWyZRdHTOQnV6GDH +/s5EaPj4o4v1NpbBh+y4QMtJXk+rpV3ncyBJpBIWwswCXZhVqB6FFRy7uwARAQAB +tExDb25jdXJyZW50IFJlYWwtVGltZSBTb2Z0d2FyZSBTdXBwb3J0IChSVzlSS1lH +QSkgPHN1cHBvcnRAY29uY3VycmVudC1ydC5jb20+iQI+BBMBCAAoBQJjPGVyAhsD +BQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDcXtpJfTtL0m3hEACZ +P9QRj4I9puaXweAiaq1WHDztTBO0Xoi7D+7NlfQiZQ1bONdRN5tYQTCZighcXelQ +Zsjtz/rDrVykBC2r3dG5X81gDTZx9WwGhFu/MuaUnU1Df9LUIAi5FliypqRV/NtH +MyeaOATlpgEBkVBe2fcoCSIqrUJXdW2Cu38w+AJce4IuaUSJeWDiumcW5SvwpdiT +2qsKhbdyjdb2ayRipimEWsaNUDkxz3e6kvz1npgyk5CaLo82yzVMBGxAGfWrJqYr +TZOFm4UG1ObZCP8gq33LKOzB45UZP5lNE+5Cr68MC6tUF5s/Cai8BiskP+gWiDJQ +LPenKDjaf4H11s98/Dfw86DwKY2zfDXTkJ6nQXjqvnZYsovjeFJVXx9jjBh3i98W +5/VwogbWfwpbnRt/rtDq1MglqvHsL9QjA9CSaHRdy0hy2JmZ9S2msFrMR/DrKfcO +kCr8ciLilxvyCpaYUjRmH38w29YUW6JIImPtBlt4QpYiw9cLsU9RGLZ+nu40AFiC +rzo8xiYO6kXEk5znFRy5JzmiFu5QouhMpeVXXEnBZCt5j+A9DkzwlNShHl3UgWfg +xatllI0FUJsJpIKqQq1jkPdC+fZliN2dDKiVgTmz0VvFwZRCxMz30yhsX1ZhtPGx +U2Z/3xIyOE+OEp2iPnCD4fhBnOc6t39rOX7jhSqim7kCDQRjPGVyARAA2zN8zwUa +i8dkeUYxQDjQxhSZsTsE7VGvL5gGRZhJ8whFNxCcjya9xPbGNnsXh8Zp9MM6Ji7a +1OZt9qzOH3Corgp2KA2ascLLpby5OAnIR5fULfqh5XR6byH/X59myrV88mifGCmM +anEjK+Tw5KybaBEHkNE2G2aUzjrYAMsfQnnHgYT8jUN1LkXqHVftX/0dwrhOcCqJ +YjLP9Vp4gZEz/Y5PQEjaEG3U0YCtaBBmnekBZ8bozO0og5/zbnX+IsY1F0QBsCmZ ++cVSuheWhFIJTBK2jyF8mHzAauOtYHHJQYyRsXNuxt5uqYj1it2Hag2jw7+q+ZDx +7FzqcKyxvT+usczHH5QhtzZpWrgZE+Po/2gmEg7Qz/c1I4Hy7DtOVv7ql8kluGpM +NM3cQYivZ4LD7Qsbnfj72muCD5W+T2c044y8WGE0U7GVTQw2ej6eLXutizlzNTmu +eW1r1OvcLXQUH5Ck2DC8HOauoCRPpRZeP+OQuiJax0VFqGdC1s99TCYow15OKWeE +HYCLIhAqz1oKq/4p92HPEV33kx7cGVPBXagw/KZKFlKTVbhHZxWQQDYkTrh/Fx5p +197U4XUG5qxTmMo03uJeppAyufmfpuHX7JVkHfZfXx1ZJdsXKlMahT3z7GhkJgjm +mPaoUroDS0Ddvs7qzYMprPJpiI3V78Q5lakAEQEAAYkCJQQYAQgADwUCYzxlcgIb +DAUJCWYBgAAKCRDcXtpJfTtL0g5SD/9A8fGzmOpnO7u3zKsER5GPxHVuwc4NRDVa +UIEvTrmfR1DSgrIJR4jQ1I4rGeoZ/7kUaYd6l1b5Apj8zp+Z04l0+nlIKvdd97Mg +Sb4kVuyyeUQN2d83ETBcZQC31061bnjH/W3+j5ojDqvjxPFJ7bz/AmVbi0s9MElc +c9h+jJ8LtK24yNQ6ribq+7X4YY7G87eeCkXY+Rdv96V1aaNNortZHQPNAMQRDrK8 +sH2nsyfEifyyf3RGmnhrfvVkpPZvBrtoSZStdHqpbD8NRuZgmHFN2EUE210SgSU0 +/W2eGDb/VGgAd7Cfh/qncYZWPxRwcnmkAu+bbdeFiyVoCSMzNKY0+6Ub0B7xmCsH +V144cNW01HAOkv/RtFyUIzpY0RhV1SaJ5XqFFNnWpcYjYR5l2YJACvS39nD1Yd+S ++vCDTddpK1okCfk1oXRN7vUYPBjF7Suu+/Kets9FBGoypK+4L2WlC36XYIpBXohB +r/tMoQhcoq73sp04IG3k1+Am5yiCbDMU3+1UhT/m5tL3o02by0c60RMHU/T6vfE8 +qj3FjF7Qy37xoWmPCrWkpwPscG+WDogupBc3RpxGP9ET8Th+HJM0IpQLoKeDYl5I +9z/kRFbY243tkJ1r65TMfa5My9J9ZdP22ZcOR2ql5z2IT7dvuteupaD82ojSXPzJ +uWsnbjV0Rg== +=56r2 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/user/keys/pgp/company.pub.key b/user/keys/pgp/company.pub.key deleted file mode 100755 index 6b4030a..0000000 Binary files a/user/keys/pgp/company.pub.key and /dev/null differ diff --git a/user/keys/pgp/work.pub.key b/user/keys/pgp/work.pub.key index 722f959..31e14fb 100755 Binary files a/user/keys/pgp/work.pub.key and b/user/keys/pgp/work.pub.key differ diff --git a/user/keys/pgp/yubikey.pub.key b/user/keys/pgp/yubikey.pub.key index 56c1b13..a15a521 100644 Binary files a/user/keys/pgp/yubikey.pub.key and b/user/keys/pgp/yubikey.pub.key differ diff --git a/user/keys/ssh/README.md b/user/keys/ssh/README.md new file mode 100644 index 0000000..2ebbe16 --- /dev/null +++ b/user/keys/ssh/README.md @@ -0,0 +1,5 @@ +# SSH Keys + +yubikey.pub.key -> PGP derived from `pgp.yubikey.pub.key` +work.pub.key - ? +graphone.pub.key -> For Android `pass` diff --git a/user/keys/ssh/graphone.pub.key b/user/keys/ssh/graphone.pub.key index 55e8f1b..d07e510 100644 Binary files a/user/keys/ssh/graphone.pub.key and b/user/keys/ssh/graphone.pub.key differ diff --git a/user/keys/ssh/work.pub.key b/user/keys/ssh/work.pub.key index 3d61b38..c4b3a55 100644 Binary files a/user/keys/ssh/work.pub.key and b/user/keys/ssh/work.pub.key differ diff --git a/user/keys/ssh/yubikey.pub.key b/user/keys/ssh/yubikey.pub.key index 217a8e3..a840349 100644 Binary files a/user/keys/ssh/yubikey.pub.key and b/user/keys/ssh/yubikey.pub.key differ diff --git a/user/modules/security/gpg/default.nix b/user/modules/security/gpg/default.nix index bc3734a..244eee1 100644 --- a/user/modules/security/gpg/default.nix +++ b/user/modules/security/gpg/default.nix @@ -28,7 +28,7 @@ in trust = 5; } { - text = "${config.user.keys.pgp.company}"; + text = "${config.user.keys.pgp.ccur}"; trust = 5; } ];