1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
Keysafe securely backs up a gpg secret key or other short secret to the cloud.
This is not intended for storing Debian Developer keys that yield root on
ten million systems. It's about making it possible for users to use gpg who
currently don't, and who would find it too hard to use `paperkey` to back
up and restore their key as they reinstall their laptop.
Not yet ready for production use! Needs security review!
May run over your dog! Not suitable for bitcoin keys!
## Screenshots
See [[screenshots]]. (Keysafe can also run in text mode in a terminal.)
## How it works, basically
The secret key is encrypted using a password, and is split into three
shards, and each is uploaded to a server run by a different entity. Any two
of the shards are sufficient to recover the original key. So any one server
can go down and you can still recover the key.
Keysafe checks your password strength (using the excellent but not perfect
[zxcvbn library](https://github.com/tsyrogit/zxcvbn-c)),
and shows an estimate of the cost to crack your password,
before backing up the key.
[[screenshots/4.png]]
(Above is for the password "makesad spindle stick")
Keysafe is designed so that it should take millions of dollars of computer
time to crack any fairly good password. (This is accomplished using
[Argon2](https://en.wikipedia.org/wiki/Argon2).)
With a truely good password, such as four random words, the cracking cost
should be many trillions of dollars.
The password is the most important line of defense, but keysafe's design
also makes it hard for an attacker to even find your encrypted secret key.
For a more in-depth explanation, and some analysis of different attack
vectors (and how keysafe thwarts them), see [[details]].
Also, there's a [[FAQ]].
Here's a video explaining keysafe:
<html>
<video controls width=400 src="http://mirror.linux.org.au/pub/linux.conf.au/2017/securely_backing_up_gpg_private_keys_to_the_cloud.webm"></video>
</html>
## News
[[!inline pages="news/* and !*/Discussion" show="3"]]
## Installation
Keysafe is now available in [Debian experimental](https://wiki.debian.org/DebianExperimental).
Install it from there, or from source.
## Git repository
`git clone git://keysafe.branchable.com/ keysafe`
All tags and commits in this repository are gpg signed, and you should
verify the signature before using it.
## Building from source
You should first install Haskell's stack tool, the readline and argon2
libraries, and zenity. For example, on a Debian system:
sudo apt-get install haskell-stack libreadline-dev libargon2-0-dev zenity
Then to build and install keysafe, cd into its source tree and run:
stack install
Note that there is a manpage, but stack doesn't install it yet.
## Reporting bugs
Post to [[todo]] or email <id@joeyh.name>
## Servers
See [[servers]] for information on the keysafe servers.
## License
Keysafe is licensed under the terms of the AGPL 3+
## Thanks
Thanks to Anthony Towns for his help with keysafe's design.
|
