Skip to content

Instantly share code, notes, and snippets.

@rounakdatta

rounakdatta/private_transfer.md

Last active May 12, 2021 19:21
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save rounakdatta/e8555f6feab148a2337b05dce50a71e8 to your computer and use it in GitHub Desktop.
Save rounakdatta/e8555f6feab148a2337b05dce50a71e8 to your computer and use it in GitHub Desktop.
Download ZIP
Moving private keys securely between devices
Raw
private_transfer.md

There is no transfer method more secure than using a physical USB storage to move the private key. However, often connecting physical devices is a barrier and at other times is an opposite wind. So, we'll create a simple HTTP server over a private (home) network and use that for the transfer.

Origin

Let us first export the GPG private and public keys:

gpg --output private.key --armor --export-secret-keys me@email.com
gpg --output public.key --armor --export me@email.com

Most machines today will have at least a primitive version of python installed.

cd ~/
python3 -m http.server

Also, we'll need to know the IP address of the origin machine as,

ipconfig getifaddr en0 # considering it's wireless

This gives us (let's say) 1.2.3.4.

Destination

We open up a browser or curl 1.2.3.4 and download the following files:

  • ~/.gnupg/private.key
  • ~/.gnupg/public.key
  • ~/.ssh/keys/personal.pem

And then move then appropriately to the location as required:

cp ~/Downloads/*.pem ~/.ssh/keys/

A file downloaded from web doesn't have correct permissions for being a SSH key, hence we need to fix the permissions as well:

chmod 400 ~/.ssh/keys/*.pem
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment