adjust pgp generate and back up names

Anton Livaja 2025-01-29 05:46:30 -05:00
parent 536eae4493
commit 807e300d15
Signed by: anton
GPG Key ID: 44A86CFF1FDF0E85
2 changed files with 15 additions and 9 deletions

@ -32,9 +32,9 @@ This is a ceremony for generating and sharding entropy to a set of existing Quor
1. Run the command to generate new entropy and shard it to quorum of public certificates of the input shardfile:
* Replace the values: <path_to_input_shard>, <output_shardfile>, <output_pgp_cert_path>, <pgp_cert_id>
* Replace the values: <path_to_input_shard>, <pgp_cert_id>
* `keyfork mnemonic generate --size 256 --shard-to <path_to_input_shard>,output=<output_shardfile> --output-cert <output_pgp_cert_path> --user-id <pgp_cert_id>`
* `keyfork mnemonic generate --size 256 --shard-to <path_to_input_shard>,output=output_shardfile.asc --output-cert root_pgp_cert.asc --user-id <pgp_cert_id>`
1. Unseal an SD card pack
@ -42,13 +42,15 @@ This is a ceremony for generating and sharding entropy to a set of existing Quor
1. Place all unsealed SD cards into High Visibility Storage
1. Back up the `<output_shardfile>` to any desired number of SD cards, and label each "Shardfile [unique_name] [date]"
1. Back up the `output_shardfile.asc` to any desired number of SD cards, and label each "Shardfile [unique_name] [date]"
1. `lsblk` to find media name
1. `cp <shard_file_name> /media/<media_name>`
1. Back up the output shardfile:
* `cp output_shardfile.asc /media/<media_name>/output_shardfile.asc`
1. `cp <output_pgp_cert_path> /media/cert.asc`
1. Back up the root PGP certificate:
* `cp root_pgp_cert.asc /media/root_pgp_cert.asc`
1. Each backup should be placed into High Visibility Storage after it's made
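Review bot: The root certificate backup `cp root_pgp_cert.asc /media/root_pgp_cert.asc` omits `<media_name>`, so its destination is `/media` itself rather than the mounted card, unlike the shardfile step just above it, which targets `/media/<media_name>/output_shardfile.asc`. Suggest `cp root_pgp_cert.asc /media/<media_name>/root_pgp_cert.asc`, which is the form the other ceremony document in this commit uses.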

@ -32,9 +32,9 @@ This is a ceremony for generating entropy which is used to derive Quorum PGP key
1. Run the relevant keyfork wizard to perform the ceremony:
* Replace the following values: <M>, <N>, <number_of_smart_cards_per_operator>, <output_pgp_cert_path>, <pgp_cert_id>
* Replace the following values: <M>, <N>, <number_of_smart_cards_per_operator>, <pgp_cert_id>
* `keyfork wizard generate-shard-secret --threshold <M> --max <N> --keys-per-shard=<number_of_smart_cards_per_operator> --output shardfile.asc --cert-output keyring.asc --output-cert <output_pgp_cert_path> --user-id <pgp_cert_id>`
* `keyfork wizard generate-shard-secret --threshold <M> --max <N> --keys-per-shard=<number_of_smart_cards_per_operator> --output shardfile.asc --cert-output keyring.asc --output-cert root_pgp_cert.asc --user-id <pgp_cert_id>`
1. Unseal an SD card pack
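Review bot: In the `keyfork wizard generate-shard-secret` command, `--cert-output keyring.asc` and `--output-cert root_pgp_cert.asc` differ only in word order and are easy to transpose when typed during a ceremony. Suggest a sub-bullet under the command stating which file each flag produces, so the operator can confirm `shardfile.asc`, `keyring.asc` and `root_pgp_cert.asc` all exist before the backup steps.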
@ -46,13 +46,17 @@ This is a ceremony for generating entropy which is used to derive Quorum PGP key
1. Find media name using `lsblk`
1. Back up the root OpenPGP certificate
* `cp root_pgp_cert.asc /media/<media_name>/root_pgp_cert.asc`
1. Back up the `shardfile.asc`
* `cp shardfile.asc /media/<media_name>`
* `cp shardfile.asc /media/<media_name>/shardfile.asc`
1. Back up the `keyring.asc`
* `cp keyring.asc /media/<media_name>`
* `cp keyring.asc /media/<media_name>/keyring.asc`
<!--
1. Optionally write an `autorun.sh` file to the Shardfile SD card containing the following command:
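Review bot: The three backup steps in this hunk end at `cp`, and no step confirms that each file reached the card intact. Suggest adding a check after the copies, for example comparing a checksum of each source file with its copy under `/media/<media_name>/`. The step title here also says "root OpenPGP certificate" where the other document in this commit says "root PGP certificate"; one term should be used in both.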