ca-mgmt – a simple CA management tool

After reading Kees Leune‘s guide to setting up a CA here, I thought it’d be handy to script a lot of the legwork involved. The end result after a day or two’s hacking about is ca-mgmt.

Bug reports, feature requests, etc. are more than welcome to the usual address, or to the Github Issues page.

GnuPG – RSA key-pair mini-Howto with stronger digests

(Note: This was originally posted on my previous blog, but I’ve noticed that it’s being linked to, so I’ve reposted it here)

I’m not a mathematician (or a cryptographer) so I’m happy to take this post‘s word for it about a recent attack against SHA-1 (short PDF here). The post goes into detail about changing the preferred digests on a key, and is well worth a read.

The post also talks about using 2048-bit RSA keys, instead of the DSA/Elgamal default (which has a maximum size of 1024 bits). It goes into detail about how to migrate to an RSA key – if you’re going to migrate, I definitely recommend reading it.

However, I thought it would be nice to write a (very) quick guide on generating RSA private keys with GnuPG, as there are a few extra steps involved – but nothing complicated!
→ Continue reading ‘GnuPG – RSA key-pair mini-Howto with stronger digests’…