keybase and github commits

Apr 18, 2016 2 min.

Now that Github visualizes signed commit, I wanted to start using my keybase pgp key to sign commits. Unfortunately my keybase key had a single uid of tam7t@keybase.io which is not actually a real email address. This prevented github from showing commits signed with that key as verified. Thankfully, it is easy to add a second uid to your public key and not have to struggle with keybase’s new key model.

SSH keys on a yubikey

Dec 27, 2015 3 min.

There is something oddly satisfying about having my private ssh keys only on a hardware device where they cannot be directly accessed. For the past 6 months I’ve been using a yubikey for SSH access to my servers and github. In this configuration the private key only exists on the yubikey and cannot be transferred to the host computer. All cryptographic operations that require the private key are preformed on the yubikey.