= MFPL Shared Keyring =

[wiki:support-team Support Team Home]

MFPL uses an OpenPGP encrypted file, that is shared via git, to store root and encrypted disk passphrases.

To help us securely read and create new keys, we use a program called [http://git.sarava.org/?p=keyringer.git;a=summary keyringer].

Members of the support team can access the keys by following these steps:

 * Checkout the keyringer software:
{{{
git clone git://git.sarava.org/keyringer.git
}}}
 * Edit ~/.bashrc and add the following line, which is the path to your bash $PATH variable. After editing ~/.bashrc:
{{{
export PATH="$PATH:/path/to/keyringer"
}}}
 * Source your bash:
{{{
source ~/.bashrc
}}}
 * Initialize the MFPL keyringer. Replace "/path/to/keys" with the path where you want to checkout the MFPL keyring in your filesystem
{{{
keyringer mfpl init /path/to/keys gitosis@git.mayfirst.org:mfpl/keys
}}}
 * Before you can successfully run the script, you must have all of the people in the "config/recipients" in you gpg keyring. To double check you can run:
{{{
# find your gpgid with
gpg --list-secret-key 
gpg --list-sigs $YOURGPGID
}}}
 and compare it against the list of people in the recipients. Since there are key fingerprints in the recipients files you can grab all the missing ones from the recipients filelike so:
{{{
gpg --recv-keys $KEYFINGERPRINTS
}}} 
 * Create a symlink to the pass script in the keys directory in your bin directory:
{{{
ln -s /path/to/keys/pass ~/bin/
}}}
 * Use the bash wrapper script in the MFPL key ringer directory to search for keys. For example, to find the passphrase for assata:
{{{
pass assata 
}}}