diff --git a/quorum-vault-system/src/component-documents/autorun-sh-setup.md b/quorum-vault-system/src/component-documents/autorun-sh-setup.md index 4a6e25b..9629f50 100644 --- a/quorum-vault-system/src/component-documents/autorun-sh-setup.md +++ b/quorum-vault-system/src/component-documents/autorun-sh-setup.md @@ -9,14 +9,14 @@ This setup can be done on any machine. * In your Terminal use this command: `vi autorun.sh` * Once you are in the editor press "i" to enter "insert mode" - - * Type in the contents, replacing and with your chosen threshold numbers according to your [Quorum](selecting-quorum.md): - + + * Type in the contents, replacing , , , with your chosen threshold numbers according to your [Quorum](selecting-quorum.md): + ```sh #!/bin/sh - keyfork wizard generate-shard-secret --threshold --max --output shards.pgp + keyfork mnemonic generate --shard-to-self shardfile.asc,threshold=,max=,cards_per_shard=,cert_output=keyring.asc --derive='openpgp --public "" --output certificate.asc' ``` - + * Press "esc" * Press ":" * Press "x" @@ -38,4 +38,4 @@ This setup can be done on any machine. c. Copy the `autorun.sh` file to the Storage Device -1. Make note of this hash on a piece of paper or print it as you will need it to verify the file during Ceremonies. \ No newline at end of file +1. Make note of this hash on a piece of paper or print it as you will need it to verify the file during Ceremonies. diff --git a/quorum-vault-system/src/component-documents/openpgp-setup.md b/quorum-vault-system/src/component-documents/openpgp-setup.md index 821d39d..53c683d 100644 --- a/quorum-vault-system/src/component-documents/openpgp-setup.md +++ b/quorum-vault-system/src/component-documents/openpgp-setup.md @@ -28,12 +28,12 @@ as such need to be set up in a manner that minimizes exposure risks. Ensure the User ID is your name and your email. ``` - $ keyfork mnemonic generate --encrypt-to-self output=encrypted.asc --provision openpgp-card,userid="Your Name " + $ keyfork mnemonic generate --encrypt-to-self encrypted.asc --provision openpgp-card --derive='openpgp --public "Your Name "' ``` - The `count=` variable can be provided to `provision` to ensure the correct - amount of smartcards is provisioned - the program will error if the amount - of smartcards available is not equal to the count requested. + The `--provision-count` option can be provided to ensure the correct amount + of smartcards is provisioned - the program will error if the amount of + smartcards available is not equal to the count requested. Note: The PIN can't use sequential numbers, characters or repeated patterns. diff --git a/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/namespace-entropy-ceremony.md b/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/namespace-entropy-ceremony.md index 02babe1..0587ab3 100644 --- a/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/namespace-entropy-ceremony.md +++ b/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/namespace-entropy-ceremony.md @@ -20,9 +20,9 @@ This is a ceremony for generating and sharding entropy to a set of existing Quor 1. Run the command to generate new entropy and shard it to quorum of public certificates of the input shardfile: - * Replace the values: + * Replace the values: , - * `keyfork mnemonic generate --shard-to ,output=shardfile.asc --encrypto-to-self encryption_certificate.asc,userid=` + * `keyfork mnemonic generate --shard-to ,output=shardfile.asc --derive='openpgp --public "" --output certificate.asc' 1. Unseal an SD card pack @@ -35,9 +35,10 @@ This is a ceremony for generating and sharding entropy to a set of existing Quor 1. Back up the files ``` $ cp shardfile.asc /media/vaults// - TODO (NOT IMPLEMENTED): $ cp encryption_certificate.asc /media/vaults// + $ cp certificate.asc /media/vaults// $ cp -r /media/vaults /root/ ``` + 1. To create additional backups of the updated `vaults` repository, plug in SD cards one at a time and use following steps to back up ceremony artifacts 1. Plug in fresh SD card diff --git a/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/quorum-entropy-ceremony.md b/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/quorum-entropy-ceremony.md index 09eb6bc..bc883b3 100644 --- a/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/quorum-entropy-ceremony.md +++ b/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/quorum-entropy-ceremony.md @@ -18,15 +18,12 @@ This is a ceremony for generating entropy which is used to derive Quorum PGP key {{ #include template-ceremony-setup.md:content }} -1. Run the relevant keyfork wizard to perform the ceremony: +1. Run the relevant keyfork operation to perform the ceremony: - * Replace the following values: \, \, , with appropriate values + * Replace the following values: \, \, , with appropriate values - * `keyfork wizard generate-shard-secret --threshold --max --keys-per-shard= --output shardfile.asc --cert-output keyring.asc` + * `keyfork mnemonic generate --shard-to-self shardfile.asc,threshold=,max=,cards_per_shard=,cert_output=keyring.asc --derive='openpgp --public "" --output certificate.asc'` - * TODO - NOT IMPLEMENTED: - `--derive-openpgp-cert encryption_cert.asc,userid=` - 1. Unseal an SD card pack by following tamper proofing steps: {{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-unsealing}} @@ -39,7 +36,7 @@ This is a ceremony for generating entropy which is used to derive Quorum PGP key ``` $ cp shardfile.asc /media/vaults// $ cp keyring.asc /media/vaults// - TODO (NOT IMPLEMENTED): $ cp encryption_cert.asc /media/vaults// + $ cp certificate.asc /media/vaults// $ cp -r /media/vaults /root/ ```