diff options
| author | saturneric <[email protected]> | 2025-04-09 19:44:05 +0000 |
|---|---|---|
| committer | saturneric <[email protected]> | 2025-04-09 19:44:05 +0000 |
| commit | 548ee447aa72abd2c7bb1a85bb878ca53b77e808 (patch) | |
| tree | d25a75f71fdd6deb98d95c34997d67917c4de72f /src | |
| parent | feat: adapt manual to v2.1.7 (diff) | |
| download | Manual-548ee447aa72abd2c7bb1a85bb878ca53b77e808.tar.gz Manual-548ee447aa72abd2c7bb1a85bb878ca53b77e808.zip | |
chore: make structure better
Diffstat (limited to 'src')
| -rw-r--r-- | src/content/docs/advanced/gnupg-controller.md | 136 | ||||
| -rw-r--r-- | src/content/docs/advanced/key-database.md | 101 | ||||
| -rw-r--r-- | src/content/docs/advanced/key-package.md | 39 | ||||
| -rw-r--r-- | src/content/docs/advanced/sync-all-public-keys.md | 64 | ||||
| -rw-r--r-- | src/content/docs/guides/fundamental-concepts.md | 28 |
5 files changed, 163 insertions, 205 deletions
diff --git a/src/content/docs/advanced/gnupg-controller.md b/src/content/docs/advanced/gnupg-controller.md index 70b5d29..36f74e0 100644 --- a/src/content/docs/advanced/gnupg-controller.md +++ b/src/content/docs/advanced/gnupg-controller.md @@ -16,7 +16,7 @@ To access the **GpgController**: 1. Navigate to the **Advanced** menu in the top toolbar. 2. Select **Open GnuPG Controller** from the dropdown menu. -  + The **GpgController** interface includes three tabs: **General**, **Key Database**, and **Advanced**. Below is a detailed explanation of each tab's @@ -30,51 +30,52 @@ The **General** tab provides essential configuration options for GpgFrontend's i ### Available Options -1. **Use Binary Mode for File Operations** +#### Use Binary Mode for File Operations - - This option determines the format used for encrypted or signed files: - - **Binary Mode**: Produces compact and efficient files, ideal for storage - and processing. - - **ASCII Mode**: Generates human-readable files encoded in ASCII format. - This is useful for sharing files over email or systems that might corrupt - binary files. - - **Recommendation**: Use binary mode for local file operations and ASCII - mode for file sharing or email attachments. +This option determines the format used for encrypted or signed files: +- **Binary Mode**: Produces compact and efficient files, ideal for storage and + processing. +- **ASCII Mode**: Generates human-readable files encoded in ASCII format. This + is useful for sharing files over email or systems that might corrupt binary + files. -2. **Use Pinentry as Password Input Dialog** +Recommendation: Use binary mode for local file operations and ASCII +mode for file sharing or email attachments. - - GpgFrontend includes a built-in password input dialog designed as a - temporary fallback when no external **Pinentry** program is available. - However, the built-in dialog has limitations and may not work for all - password input scenarios. - - **Recommendation**: Users are strongly encouraged to install a - full-featured **Pinentry** program to ensure a seamless and secure password - input experience. **Pinentry** is optimized for GnuPG's requirements and - provides additional features such as better passphrase caching and hardware - token support. +#### Use Pinentry as Password Input Dialog -3. **Enable GpgME Debug Log** +GpgFrontend includes a built-in password input dialog designed as a +temporary fallback when no external **Pinentry** program is available. +However, the built-in dialog has limitations and may not work for all +password input scenarios. - - Enables verbose logging for troubleshooting GPG operations via the - **GpgME** library. This is useful for advanced users diagnosing issues in - encryption or signing workflows. +Recommendation: Users are strongly encouraged to install a +full-featured **Pinentry** program to ensure a seamless and secure password +input experience. **Pinentry** is optimized for GnuPG's requirements and +provides additional features such as better passphrase caching and hardware +token support. -4. **Restart Gpg Agent on Start** +#### Enable GpgME Debug Log - - Ensures that the GPG agent is restarted whenever GpgFrontend launches. This - helps avoid issues caused by stale GPG agent processes. +Enables verbose logging for troubleshooting GPG operations via the +**GpgME** library. This is useful for advanced users diagnosing issues in +encryption or signing workflows. -5. **Kill All GPG Daemons at Close** +#### Restart Gpg Agent on Start - - Terminates all GPG-related background processes when the application exits. - This ensures that no sensitive information is cached in memory or - accessible after the session ends. - - **Recommendation**: Always enable this option for improved security. +Ensures that the GPG agent is restarted whenever GpgFrontend launches. This +helps avoid issues caused by stale GPG agent processes. - > **Note**: Changes to any settings in the General tab will require - > restarting GpgFrontend to take effect. +#### Kill All GPG Daemons at Close ---- +Terminates all GPG-related background processes when the application exits. +This ensures that no sensitive information is cached in memory or +accessible after the session ends. + +Recommendation: Always enable this option for improved security. + +> **Note**: Changes to any settings in the General tab will require +> restarting GpgFrontend to take effect. ## Key Database Tab: Overview @@ -86,55 +87,44 @@ detailed documentation is available elsewhere, note the following key points: - **Switch Between Databases**: Use the **Key Toolbox** dropdown in the main interface to select the active database. -  - - > For more information on key database management, refer to the dedicated - > documentation. + ---- +:::tip[Tipps] +> For more information on key database management, refer to the dedicated +> documentation. +::: ## Advanced Tab: Custom GnuPG Configuration The **Advanced** tab is designed for users who need to configure custom GPG installations. - + ### Configuring Custom GnuPG -1. **Enable Custom GnuPG** - - - Check the **Use Custom GnuPG** box to enable this feature. - -2. **Specify GPG Configuration Path** - - - Use the **Select GnuPG Path** button to locate and set the directory where - `gpgconf` resides. This is critical because GpgFrontend relies on the paths - provided by `gpgconf` to locate essential components like `gpg`, `gpgsm`, - and `gpg-agent`. +1. **Enable Custom GnuPG**: Check the **Use Custom GnuPG** box to enable this + feature. +2. **Specify GPG Configuration Path**: Use the **Select GnuPG Path** button to + locate and set the directory where `gpgconf` resides. This is critical + because GpgFrontend relies on the paths provided by `gpgconf` to locate + essential components like `gpg`, `gpgsm`, and `gpg-agent`. +3. **Verifying Custom Configuration**: After setting the path, you can test the + configuration by running `gpgconf --list-components` in a terminal. This + command lists all available GPG components and their paths, ensuring that + GpgFrontend can access themcorrectly. -3. **Verifying Custom Configuration** + - - After setting the path, you can test the configuration by running `gpgconf ---list-components` in a terminal. This command lists all available GPG - components and their paths, ensuring that GpgFrontend can access them - correctly. - -  - - > **Note**: If `gpgconf` is not configured correctly, GpgFrontend may fail to - > locate and execute necessary GPG binaries. - ---- +:::caution +If `gpgconf` is not configured correctly, GpgFrontend may fail to +locate and execute necessary GPG binaries. +::: ## Tips for Using GpgController Effectively -1. **Choose File Formats Wisely** - - - Use **Binary Mode** for efficiency in local operations and **ASCII Mode** - for readability and compatibility in file sharing. - -2. **Install a Full-Featured Pinentry** - - - Avoid relying on GpgFrontend's built-in password dialog for critical - operations. Installing **Pinentry** ensures better compatibility and - security. +- Choose File Formats Wisely: Use **Binary Mode** for efficiency in local + operations and **ASCII Mode** for readability and compatibility in file + sharing. +- Install a Full-Featured Pinentry: Avoid relying on GpgFrontend's built-in + password dialog for critical operations. Installing **Pinentry** ensures better + compatibility and security. diff --git a/src/content/docs/advanced/key-database.md b/src/content/docs/advanced/key-database.md index 560c919..b2c9eb1 100644 --- a/src/content/docs/advanced/key-database.md +++ b/src/content/docs/advanced/key-database.md @@ -31,94 +31,77 @@ projects, organizations, or levels of security. ## Accessing the Multi-Key Database Feature -### Opening the GnuPG Controller - To manage multiple key databases, follow these steps: -1. **Access the Advanced Menu** +### Access the Advanced Menu - - Click on the **Advanced** menu in the top navigation bar. - - Select **Open GnuPG Controller** from the dropdown options. +- Click on the **Advanced** menu in the top navigation bar. +- Select **Open GnuPG Controller** from the dropdown options. -  + -2. **Navigate to the Key Database Tab** +### Navigate to the Key Database Tab - - In the **GnuPG Controller** window, switch to the **Key Database** tab. - - Here, you will find a list of all configured key databases. +- In the **GnuPG Controller** window, switch to the **Key Database** tab. +- Here, you will find a list of all configured key databases. -  + ## Managing Key Databases The **Key Database** tab allows you to perform the following operations: -### 1. Adding a New Key Database +### Adding a New Key Database - Click the **Add New Key Database** button. - Specify a name and path for the new database. This will create an isolated environment for new keys. -### 2. Editing and Reordering Key Databases +### Editing and Reordering Key Databases + +Right-click on a database entry to view options like: +- **Move Up/Move Down**: Reorder the database list. +- **Move to Top**: Prioritize a database by moving it to the top. If a database + is at the top, it is considered as the Default Key Database. +- **Edit**: Rename or modify the path of an existing database. +- **Remove**: Delete a database from the configuration. -- Right-click on a database entry to view options like: - - **Move Up/Move Down**: Reorder the database list. - - **Move to Top**: Prioritize a database by moving it to the top. If a database is at the top, it is considered as the Default Key Database. - - **Edit**: Rename or modify the path of an existing database. - - **Remove**: Delete a database from the configuration. + - +:::caution -> **Note**: Any changes to the key database settings will require an application -> restart to take effect. +Any changes to the key database settings will require an application +restart to take effect. -### 3. Switching Between Databases +::: + +### Switching Between Databases - Use the **Key Toolbox** dropdown in the main interface to switch between configured databases. - Select the desired database, and the corresponding keys will be displayed. - + ## Use Cases for Multi-Key Databases -1. **Project Isolation** - - - Maintain separate databases for different projects to avoid accidental - cross-use of keys. - -2. **Organizational Separation** - - - Keep departmental or team-specific keys isolated to ensure they are only - accessible to authorized personnel. - -3. **Enhanced Security for Sensitive Keys** - - Store high-security keys in a dedicated database, minimizing the risk of - exposure during routine operations. +- Project Isolation: Maintain separate databases for different projects to +avoid accidental cross-use of keys. +- Organizational Separation: Keep departmental or team-specific keys isolated +to ensure they are only accessible to authorized personnel. +- Enhanced Security for Sensitive Keys: Store high-security keys in a dedicated + database, minimizing the risk of exposure during routine operations. ## Tips for Effective Multi-Key Database Usage -1. **Name Databases Clearly** - - - Use descriptive names for each database to make it easier to identify their - purpose. - -2. **Regular Backups** - - - Backup each database regularly to prevent loss of critical keys. Store - backups in secure, encrypted locations. - -3. **Audit Database Usage** - - - Periodically review the contents and usage of each database to ensure - proper organization and security. - -4. **Isolate Sensitive Operations** - - - For highly sensitive keys, consider using a dedicated device or environment - to manage their database. - -5. **Avoid Overloading Databases** - - - Distribute keys evenly across multiple databases instead of overloading a - single one. This enhances performance and organization. +- Name Databases Clearly: Use descriptive names for each database to make it + easier to identify their purpose. +- Regular Backups: Backup each database regularly to prevent loss of critical +keys. Store backups in secure, encrypted locations. +- Audit Database Usage: Periodically review the contents and usage of each +database to ensure proper organization and security. +- Isolate Sensitive Operations: For highly sensitive keys, consider using a +dedicated device or environment to manage their database. +- Avoid Overloading Databases: Distribute keys evenly across multiple databases + instead of overloading a single one. This enhances performance and + organization. diff --git a/src/content/docs/advanced/key-package.md b/src/content/docs/advanced/key-package.md index e25d169..bb0c01a 100644 --- a/src/content/docs/advanced/key-package.md +++ b/src/content/docs/advanced/key-package.md @@ -75,34 +75,25 @@ To transfer the KeyPackage: To import the KeyPackage after transferring it to the target device, follow these steps: - + -1. **Initiate Import**: +- **Initiate Import**: Open the key management tool on the target device and +click on the "Import Key" button. +- **Select KeyPackage Option**: As shown in the image, from the dropdown menu, +select the "Key Package" option. This indicates that you will be importing a +KeyPackage. - - Open the key management tool on the target device and click on the "Import - Key" button. +- **Select KeyPackage File**: A file selection dialog will appear. First, choose +the `.gpgpack` file that you transferred. This file contains the packaged keys. -2. **Select KeyPackage Option:** +- **Select Key File**: After selecting the `.gpgpack` file, another file +selection dialog will prompt you to choose the corresponding key file. This key +file is used to decrypt the KeyPackage. - - As shown in the image, from the dropdown menu, select the "Key Package" - option. This indicates that you will be importing a KeyPackage. - -3. **Select KeyPackage File**: - - - A file selection dialog will appear. First, choose the `.gpgpack` file that - you transferred. This file contains the packaged keys. - -4. **Select Key File**: - - - After selecting the `.gpgpack` file, another file selection dialog will - prompt you to choose the corresponding key file. This key file is used to - decrypt the KeyPackage. - -5. **Import Keys**: - - Once both files are selected, the key management tool will automatically - import the keys contained within the KeyPackage. You will be prompted to - enter the passphrase that was set during the creation of the KeyPackage to - complete the import process. +- **Import Keys**: Once both files are selected, the key management tool will +automatically import the keys contained within the KeyPackage. You will be +prompted to enter the passphrase that was set during the creation of the +KeyPackage to complete the import process. By following these steps, you can securely import your cryptographic keys from the KeyPackage into the key management tool on the target device. diff --git a/src/content/docs/advanced/sync-all-public-keys.md b/src/content/docs/advanced/sync-all-public-keys.md index 3dc0eac..d3ddb79 100644 --- a/src/content/docs/advanced/sync-all-public-keys.md +++ b/src/content/docs/advanced/sync-all-public-keys.md @@ -10,9 +10,6 @@ public keys, such as revocations or the addition of subkeys, are reflected in your local keyring. Without this, you may be vulnerable to security risks like man-in-the-middle attacks or authentication errors. -Here's a structured guide to maintaining public key synchronization using the -GpgFrontend's Public Key Sync feature. - ## Importance of Public Key Synchronization **Key Revocation:** If a key is revoked by its owner, it's vital to stop using @@ -28,33 +25,22 @@ authenticate signatures made with the new subkey. GpgFrontend automates the public key synchronization process through a user-friendly interface. Here’s how to use it: -1. **Open the Key Management Interface**: - - - Navigate to the Key Management interface by clicking on the "Manage Keys" - button in the main interface. - -2. **Select Keys to Sync**: - - - In the list of public keys, you can select specific keys to sync by - checking the boxes next to them. If you want to sync all public keys, you - do not need to select any specific keys. - -3. **Click the Sync Public Key Button**: - - - Locate and click the **Sync Public Key** button. This button is represented - by a cloud icon with a refresh symbol, located in the toolbar at the top of - the Key Management interface. - - If you have selected specific keys, the synchronization process will - initiate for those keys. If no keys are selected, a confirmation prompt - will appear, asking you to confirm if you want to synchronize all public - keys. - -4. **Synchronization Process**: - - The feature works by checking all the public keys in your possession - against the key server. If there is an updated version of a key you own, - GpgFrontend will import the new details to your local keyring. - - +1. Open the Key Management Interface: Navigate to the Key Management interface +by clicking on the "Manage Keys" button in the main interface. +2. Select Keys to Sync: In the list of public keys, you can select specific keys +to sync by checking the boxes next to them. If you want to sync all public keys, +you do not need to select any specific keys. +3. Click the Sync Public Key Button: Locate and click the **Sync Public Key** +button. This button is represented by a cloud icon with a refresh symbol, +located in the toolbar at the top of the Key Management interface.If you have +selected specific keys, the synchronization process will initiate for those +keys. If no keys are selected, a confirmation prompt will appear, asking you to +confirm if you want to synchronize all public keys. +4. Synchronization Process: The feature works by checking all the public keys in +your possession against the key server. If there is an updated version of a key +you own, GpgFrontend will import the new details to your local keyring. + + By following these steps, you can ensure that your public keys are always up-to-date, enhancing the security and reliability of your cryptographic @@ -67,10 +53,14 @@ To know which key server GpgFrontend interacts with, follow these steps: 1. Go to the settings section of GpgFrontend. 2. The default key server configured will be listed here. - + + +:::tip -_Note: Replace the placeholder text with the actual link to the image showing -the key server settings._ +Replace the placeholder text with the actual link to the image showing +the key server settings. + +::: If you need to use a different key server: @@ -85,10 +75,4 @@ If you need to use a different key server: - **Verify Changes:** After syncing, verify any changes or updates to ensure they are legitimate. - **Secure Network:** Always perform key synchronization over a secure network - to prevent interception or tampering. - -## Conclusion - -By following this guide, you can ensure that your public keys are always -up-to-date, reflecting the current status on the key server, thereby maintaining -the integrity of your encrypted communications. + to prevent interception or tampering.
\ No newline at end of file diff --git a/src/content/docs/guides/fundamental-concepts.md b/src/content/docs/guides/fundamental-concepts.md index 78e95b6..f1223b2 100644 --- a/src/content/docs/guides/fundamental-concepts.md +++ b/src/content/docs/guides/fundamental-concepts.md @@ -24,10 +24,12 @@ At the heart of GPG is the **key pair**: two mathematically linked keys. - Decrypt messages sent to you. - Sign data so others know it’s really from you. -> 🧠 Think of it like a mailbox: -> - Your public key is the address — people can send you letters. -> - Your private key is the key to open the mailbox — only you can read what’s -> inside. + +:::tip[Think of it like a mailbox] +- Your public key is the address — people can send you letters. +- Your private key is the key to open the mailbox — only you can read what’s + inside. +::: ## 🔧 Generating a Key Pair @@ -37,8 +39,10 @@ To use GPG, you first create a key pair. During creation, you’ll choose: - A **key size** (larger sizes are more secure but slower). - A **passphrase** to protect the private key. -> 🔒 Your passphrase adds a layer of protection — even if someone gets your key -> file, they can’t use it without this password. +:::caution +🔒 Your passphrase adds a layer of protection — even if someone gets your key +file, they can’t use it without this password. +::: ## 🧩 What Are Subkeys? @@ -61,7 +65,7 @@ Your **primary key** is your core identity. It: - Signs your subkeys. - Can certify other people's public keys (used to build trust networks). -### Why Is It So Important? +:::caution If someone gains access to your **primary private key**, they can impersonate you. That’s why: @@ -70,6 +74,8 @@ you. That’s why: - It’s best to use **subkeys** for daily operations. - Some people even keep their primary key **offline** for maximum safety. +::: + ## ✉️ How Encryption Works Imagine you want to send a private message to someone: @@ -164,5 +170,9 @@ Whether you're just starting to explore encrypted communication or already managing multiple keys, GpgFrontend acts as a bridge — combining the strength of GPG with simplicity and clarity. -> 🧩 You focus on **secure communication** — let GpgFrontend handle the -> complexity behind it.
\ No newline at end of file +:::tip[] + +You focus on **secure communication** — let GpgFrontend handle the complexity +behind it. + +:::
\ No newline at end of file |