~ajhalili2006's personal website, built with Zensical (successor of Material for Mkdocs) [old repo name got bugged while attempting to do manual knot migration via repo deletion]
andreijiroh.dev
andreijiroh.dev
zensical
mkdocs-material
website
1---
2title: Cryptographic keys
3---
4This page contains all the cryptographic public keys I use for different purposes,
5ranging from encryption and decryption to signing Git commits and even identity
6verification without requiring an government-issued ID.
7
8## Keysigning ceremories
9
10_This is moved to [Encrypted communications](https://wiki.andreijiroh.dev/garden/user-manual/encrypted-communications#key-signing-ceremories) section of the personal user manual._
11
12## GPG Keys
13
14You can get all the GPG keys I use publicly, including the old 2021 key (as shown on
15Keybase) and ProtonMail-specific encryption key in one file [here](./pgp.asc). Make
16sure to check the fingerpints and/or key IDs against [this list](#keys-i-use) to
17ensure its the right key.
18
19```bash
20# one-liner import from my website (or via ajhalili2006.vern.cc and ctrl-c.club/~ajhalili2006)
21gpg --fetch-keys "https://andreijiroh.dev/keys/pgp.asc"
22# sourcehut/gitlab, but it is advised to import latest keys and signatures from keyservers, listed below
23gpg --fetch-keys "https://meta.sr.ht/~ajhalili2006.pgp"
24gpg --fetch-keys "https://gitlab.com/ajhalili2006.gpg"
25gpg --fetch-keys "https://mau.dev/ajhalili2006.gpg"
26```
27
28If you prefer to load it from a keyserver (let say you're an Ubuntu/Debian developer
29snooping around my [Launchpad.net profile](https://launchpad.net/~ajhalili2006)),
30you can do so with these command below:
31
32```bash
33# Other keyservers: pgp.mit.edu, keys.openpgp.org, keys.mailvelope.com
34gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys \
35 4D5E631758CB9CC45941B1CE67BFC91B3DA12BE8 \
36 0527234A430387EA5695D824A30EBE40AD856D88 \
37 EA957E7086E934F8DB9CAD21940047813E9D641C \
38 5D69E717C5BC95731C2AD8BD120C218ED2291996
39```
40
41### Keys I use
42
43* `4D5E631758CB9CC45941B1CE67BFC91B3DA12BE8` - the December 2022 PGP key used for
44commits and encryption (primary email: `ajhalili2006@andreijiroh.dev`)
45* `0527234A430387EA5695D824A30EBE40AD856D88` - the Feburary 2021 PGP key, as shown on
46my old Keybase profile (primary email: `andreijiroheugeniohalili24680@gmail.com`)
47* `A715100E58CF60500EE159652F384539C700B263` - Recap Time Squad specific key
48* `EA957E7086E934F8DB9CAD21940047813E9D641C` - spare signing key for software
49release, especially on my own Debian package repos/Launchpad PPAs.
50* `5D69E717C5BC95731C2AD8BD120C218ED2291996` - ProtonMail specific encryption key (`ajhalili2006@proton.me`)
51
52## SSH Keys
53
54You can also get all the keys in one file (and its signers file) at the following URLs:
55
56* Website as its deployed via CI: <https://andreijiroh.dev/keys/ssh/trustfile.txt>
57* As pushed via Git: <https://gitlab.com/andreijiroh-dev/website/-/blob/main/markdown/keys/ssh/trustfile.txt>
58
59These SSH keys are used for signing Git commits and tags occasionally, as well
60for signing checksums file on release tarballs, encrypting and decrypting
61secrets via `agenix` and friends and identity verification on account recovery
62for sr.ht and Miraheze.