Recent Posts
Secure Your Travis CI Releases - Part 2: Signature with OpenPGP
In the first part of our series, I showed you how to generate a hash code file for your Travis CI release, thus making it possible for clients to check release integrity. In this part we are going to take things one step further by securing release authenticity ...
Schütze deine Travis CI-Releases - Teil 2: Signatur mit OpenPGP
Im ersten Teil unserer Serie, habe ich gezeigt, wie man eine Hash-Code-Datei für ein Travis-CI-Release erzeugt, mit der man auf einfache Weise die Integrität überprüfen kann. In diesem Teil werden wir einen Schritt weitergehen und die Release-Authentizität mit ...
Secure your Travis CI releases – part 1: checksum with SHA
When fiddling around with Travis CI a very popular CI tool for GitHub projects, I was wondering: How to secure my release artifacts against forgery, e.g., malware injection? I already knew the solution: SHA and OpenPGP. But how to include those into my Travis CI ...
Schütze deine Travis CI-Releases - Teil 1: Prüfsumme mit SHA
Als ich mich zuletzt mit Travis CI beschäftigt habe, einem sehr populären CI-Tool für GitHub-Projekte, kam mir die Frage: Wie schütze ich meine fertigen Release-Artefakte vor Veränderung, z. B. Malware-Injection? Die Lösung lag für mich auf der Hand: Hashcodes mit ...
OpenPGP on the Job – Part 8: SSH with OpenPGP and YubiKey
Being an employee in the IT myself, I often need to access remote machines. Most of the time, SSH and public key cryptography is used here. But although I do use OpenPGP for mail and data encryption, I still need an extra SSH key pair for this kind of remote ...
OpenPGP On The Job – Part 7: Improved Security With YubiKey
Alright, you've got your PGP basic knowledge, your setup is all shiny and you sign and encrypt e-mails on a daily basis like a pro. However, the keys are neither mobile, nor stored in a secure place. In case you want to use them on other devices, you'll need to ...
OpenPGP On The Job – Part 6: E-Mail Encryption on Android with K-9 Mail + OpenKeychain
You don't need to do without OpenPGP support on your tablet or mobile phone. There exists a great many Android apps that provide this. I have chosen K-9 Mail and OpenKeychain, because they have a good feature set and are widely spread. In this article I'm going to show you how to set up and use these, to securely receive and send e-mails on and from your Android device.
OpenPGP On The Job – Part 5: Thunderbird + Enigmail
Well, it's time to set up a useful mail client so that we may make the most use out of our new and shiny keys that we learned to generate in part 4 of this series. Of course, there exist quite a few clients for all those different platforms out there. Quality ...
OpenPGP On The Job – Part 4: Generating Keys
Patience is key! Having survived theoretical basics, an excursus in verification and a secure setup guide, we now can finally dive into the real thing: Generating all new and shiny PGP keys! Unfortunately the devil is all in the details: Keys may be very ...
OpenPGP im Berufsalltag – Teil 8: SSH mit OpenPGP und YubiKey
Als Angestellter in der IT muss ich häufig auf entfernte Rechner zugreifen. Meistens funktioniert das mit Hilfe von SSH und Public-Key-Kryptographie. Obwohl ich Mails und Daten bereits mit meinem OpenPGP-Schlüsselpaar verschlüssele, brauche ich für den SSH-Zugang ...