Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-01-15 17:27:27 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'mfc-patch-9'

Browse Source
This commit is contained in:
Andrew David Wong 2018-07-10 19:31:01 -05:00
commit 69a2b35c62
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17
1 changed files with 23 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
security/split-gpg.md
View File

@ -14,11 +14,10 @@ redirect_from:
- /wiki/UserDoc/OpenPGP/ - /wiki/UserDoc/OpenPGP/
--- ---
Qubes Split GPG # Qubes Split GPG #
===============
## What is Split GPG and why should I use it instead of the standard GPG? ##
What is Split GPG and why should I use it instead of the standard GPG?
----------------------------------------------------------------------
Split GPG implements a concept similar to having a smart card with your Split GPG implements a concept similar to having a smart card with your
private GPG keys, except that the role of the "smart card" plays another Qubes private GPG keys, except that the role of the "smart card" plays another Qubes
AppVM. This way one, not-so-trusted domain, e.g. the one where Thunderbird is AppVM. This way one, not-so-trusted domain, e.g. the one where Thunderbird is
@ -76,8 +75,7 @@ could start a Disposable VM and have the to-be-signed document displayed
there? To Be Determined. there? To Be Determined.
Configuring Split GPG ## Configuring Split GPG ##
---------------------
In dom0, make sure the `qubes-gpg-split-dom0` package is installed. In dom0, make sure the `qubes-gpg-split-dom0` package is installed.
@ -146,7 +144,9 @@ only `gpg2`). If you encounter trouble while trying to set up Split-GPG, make
sure you're using `gpg2` for your configuration and testing, since keyring data sure you're using `gpg2` for your configuration and testing, since keyring data
may differ between the two installations. may differ between the two installations.
## Using Thunderbird + Enigmail with Split GPG ## ## Qubes 3.2 Specifics ##
### Using Thunderbird + Enigmail with Split GPG ###
However, when using Thunderbird with Enigmail extension it is However, when using Thunderbird with Enigmail extension it is
not enough, because Thunderbird doesn't preserve the environment not enough, because Thunderbird doesn't preserve the environment
@ -171,6 +171,21 @@ passphrase from your (sub)key(s) in order to get Split-GPG working correctly.
As mentioned above, we do not believe PGP key passphrases to be significant As mentioned above, we do not believe PGP key passphrases to be significant
from a security perspective. from a security perspective.
## Qubes 4.0 Specifics ##
### Using Thunderbird + Enigmail with Split GPG ###
New qrexec policies in Qubes R4.0 by default require the user to enter the name
of the domain containing GPG keys each time it is accessed. To improve usability
for Thunderbird+Enigmail, in `dom0` place the following line at the top of the file
`/etc/qubes-rpc/policy/qubes.Gpg`:
```
work-email work-gpg allow
```
where `work-email` is the Thunderbird+Enigmail AppVM and `work-gpg` contains
your GPG keys.
## Using Git with Split GPG ## ## Using Git with Split GPG ##
Git can be configured to used with Split-GPG, something useful if you would Git can be configured to used with Split-GPG, something useful if you would
@ -227,23 +242,9 @@ displayed to accept this.
<br /> <br />
Qubes 4.0
---------
New qrexec policies in Qubes R4.0 by default require the user to enter the name
of the domain containing GPG keys each time it is accessed. To improve usability
for Thunderbird+Enigmail, in `dom0` place the following line at the top of the file
`/etc/qubes-rpc/policy/qubes.Gpg`:
``` ## Advanced: Using Split GPG with Subkeys ##
work-email work-gpg allow
```
where `work-email` is the Thunderbird+Enigmail AppVM and `work-gpg` contains
your GPG keys.
<br />
Advanced: Using Split GPG with Subkeys
--------------------------------------
Users with particularly high security requirements may wish to use Split Users with particularly high security requirements may wish to use Split
GPG with [subkeys]. However, this setup GPG with [subkeys]. However, this setup
comes at a significant cost: It will be impossible to sign other people's keys comes at a significant cost: It will be impossible to sign other people's keys