PGP Keys for Eric Duncan

I have published my public PGP keys below for my two main email addresses. I have also published my PGP keys in the MIT directory pgp.mit.edu as well that are linked to the same email addresses. If at any time I need to revoke a certificate, it will be revoked there.

I will also be on Dark Mail when it launches and will update this page with my public key(s) from it as well.

Therefore to keep up with any changes to my PGP and Dark Mail keys, you may want to subscribe to updates of this page at GitHub.

Eric Duncan <eduncan911@gmail.com>

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.19 (GNU/Linux)

mQINBFPrmdQBEADL8cTKs8KUBM3r27HID779S/NhKxlfrAoOxfI/nulh/VngE+Hg
Cgn9jE8n/cG19RK5oUbq6I8x4nmCB3lszgYz70at3LOTxjxmoMwAVLGTJj4udJBY
h33pBGBmiyN1m89ztGC6NkNLKp85BmCEkDjG8gou5teb+ejuxhgkSsa1Belo3Mao
3hqJWHGyUqt/O6v4LcfuUHuAB1bBm4Vhzvc0wd7+nbZJ8bFYKVzP0WbN8MqyugiY
wwRGF2aWYK1SLGFOYmrHDwBHBo1FOfhPAXNXXC6zyybFIuwwHiODJrjkWnM7xhJ1
plpyPaOYF24kOLNNQYSw0Q95FAuhyyJ7Mw9slIT3P3+JtCXxnQyhBDmF8BsPvF81
jVRGtjA5jKXjKU+eZ1uUpDnHt0zxRWaRwQLzgY2dRT7Uk8DB1loRJGP0Ply2ZWQG
7QzhnvHQ4s8ZIJM3IeOszk3bma+aQeZ1tUMBMlD3ugQ4o1r6Zt/LkN9IhfdFSXMS
YxTJOwOUfRlOJ7zx0S6senzLPRFUEbyWTvXtsU9dVbMKdfa6Bp/0FdehHYiPm+u3
6OIjNMbE5sF37jqIIPwd67jxnsI+ohIYEncvp/8T26oh+vomgrjwEa11zhVSjJCI
LgQXQn3xEhrGzol8yqyq7ov6HcFdIL/bnyZ3mSIiX/9f8hyMq3HYPEkU4QARAQAB
tC9FcmljIER1bmNhbiAoZWR1bmNhbjkxMSkgPGVkdW5jYW45MTFAZ21haWwuY29t
PokCPwQTAQIAKQIbAwIeAQIXgAUCU+ucYgoLCQ0IDAcLCgMCCBUKCQgLAgMBBRYC
AwEAAAoJECgJT2oXiqK3rOEP/jw4l9PPcqgfIrv1EFy8yY3y2aW2jJtw+LnWbBt7
OFqN58U+Q97rs14kTty/favoC59h6hpEl/6s5bhF+hzRitcMvVHXpmQHGRoU+2id
X7AXQH5rd2+3+7n5Zvpgky42J1eheuj93nD3vhVzDbVpNB/OeCiv+LA9e1n+u9rg
kcgiaDJ2zcNF8UHXIOnLtNwxyUW/Xdn2VvilUIdBmDu9DrYgo4d0NROypnnMUX8q
28GyURM3DMbrhZ1pY18oDlTjeNTt6kQnG0182muIn4+hDcyaJ4giviaMoQII9ZHC
T+tR0t9h+UslOBlAD/akdnHKC0TH0n4g0e3y8q9CPhXJQFs7KflEG+4LkVcFrSSI
eqb04zrgtVLDDc/ph65vwQplGYbIjuzLpWs5a4F/pBfRdidAmQYpJTv+BYB8m0F2
b64JPLMYIjKNITeAZXEQ1SHK7/ANAb2uZhkSIr7gYSvDBKHVUgwbxVkoc62lJX/7
V7en1rZ7f295vMspqbdEY4rAZODMTHvCEnJ23TZYasQDFUTiB+d7KhzJb22g7PsU
FmynQfJEKujbPqYW60NxEWhssZTowG7GPzsB/A6zAtjuGceC9pjNMTc2Bmktbauo
yLAxZDNQB+/Khepi7W56k65FGVHzaNB8y0KVGBlTwnwFpRrEIVzKb4XY/o7gSrTM
ha8KuQINBFPrmdQBEADdY6FCghc9RmOorKhH+oAUcyyra9cXF4/y0q3SlhwFnIVm
FlbFiWWEElaYsYSNU9WIfukVUZ86fYVRnvu6TNIqeH25zhqivKETuwDIRStWKolY
2l5s4tfaPU+O1mozCSVu8SylZFge2aAbfx04r2HwNxUYiny10yX/KABIHPt7u+pC
unN/pILxh0UzDNBEHAJNP6tfFBDwD1pJJW8pCZIkAYB1FyV5PhAq7ya8vZKN/W8+
3Dxf514QhUcRP0C807xI5zw9ptGCe2BGAswAjBCN0IPhhA/MWb+58ibICZo0ySf/
yi1+HQtR09EdBj18xS3mhAhS5GaV06lkdTLNLQso0SJaelX2NdQg1QxouhXnNx5h
bcjAFQo7bjZURHeFa36ohfyf3MIXWESZymBAFZs+qfEq5WCO/raCX+1Fb2Xhkvs+
Z2uBAES0KGoQSJvIZBEiV6t/CmYgwTFnRBcfyXbiRQ6dAhssIN4qZPCKFXGN0K29
VGertEoaJotUI51NwvY9yke4miTOu9ZtmKsN9yr1iiuyJC4kk/jzK9TbNeZZQ9Yf
yEGGbOUC7VTT8YmFX3SXOh171xwhcMF5Ke7Dr1P5qXol9MU1Hpm2eHhLUilZboju
ks94AmKpWZn+sPHEtWsPpMPmY4fSUXiXZbr/Z8taglvgltDxAEwdJtIpvL7WUQAR
AQABiQIfBBgBAgAJBQJT65nUAhsMAAoJECgJT2oXiqK31zUP/1lfteCSefNgMpPl
tseAOFAJ03qoCkioQMUiuU5EWimwUE4DZSqZIZA4ZWdDp3TDxkyqwV30ry+B6jjL
tw4q/84clHuJWC8kRcBU+4v0HR5xaU4sTKlsuOnv1pKorTwGSN10dMDWi9ipy/KM
iNQuUi7o4Iszl7IOgafkTDuD4Lz+RpCd09ug8bvZrHH4boGRYtZGZMUvhJZ33+/H
+5GMrnhOrbL9K19ghYR5nQzWXQzpG68auMkHmBnP71JTa1U4cdMsqOM1nH8mhPgN
15PSaYVbzpDz4UgfGtCPWfzDo7fM9hpmFLPdfTzAR3n50TFEBq7hEVPdmlniCg1i
CBiQ7NXWIqDv//Jk1XeA+SvczYJitsVSata/qFEzuNS1t3NNiLWuk3WLo1gA4z/u
HXEgt275NOINKkrNqM16QvI8I6hsmuXZg4I+DI0R8ONJRqhrGzzFf3wfE1spXWrm
MquiZXJ7GEvn4wtRcYVOcDtxPRxTyCtTt/PGhkDsfFfNNdHjB/HRl49MKY4yHIAD
kEGYA8lAWpbRkWzHKkU32H/VnoSdQ4kg0cBAWfBXJ9HgxB6W9ofX5qner+eoyo+U
VMJENojV4UKigf/mmPtJpIFqS7RY1dIHJalfRaFef6mcJ13WKdejiqvtdnqQNU39
pKgT/rdol/9eVpkNDl2fdF1l4W8a
=ue90
-----END PGP PUBLIC KEY BLOCK-----
Verification Fingerprint
1
2
3
Key fingerprint = 321F 31A7 BB1B 60C7 490F  B80B 2809 4F6A 178A A2B7
Long Key ID     =                                2809 4F6A 178A A2B7
Short Key ID    =                                          178A A2B7

Eric Duncan <me@eduncan911.com>

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.19 (GNU/Linux)

mQINBFPrubYBEAC/z8jhm1lZXfuLrrRLkd0Yk0AlUJcxpfRLsSXEoI6BxTYHDbvr
Ux5R9NROW1FdVE7atL38xHTzzoiiU+1b+DZybO8M4w4SusOzf3rat54mBKsnj/rF
5fZT1tSyYu4vat0fCGmZz2hupf3B6D2uM9/7Jd4BH9G1HYR9t55cGpfuN9gW8nQl
rXiv1Zt///j+kcdyyQKMWMaHgzTdo2MLyvM18CnF38Hqmh/J47fNSMQnIlV8AbOD
8tb4qCc9t5RyrA2+BfGnoFfT9VTYw71BHdVZUF9q/PLSntzMdYxntzUlG5flSiL8
BgSNDAAeNZ7M+7JgJ1GAU4u1sVJtjjmswwMY41MsmG+OhsaTovnkxys5bvGkJUFe
AHJXqukmlUBmRYfHsNZ1Xppqm0BEktSp47Bezh1/8uoASpH+0km5713HPQwrFed9
EBbP5SIeTIRz9GkgqViinYZbQIge/xc3so71jbRo0N16/3bM65AHwu/DcfslCh3R
hlumzTjQxUchF9H5Yh2W63CnsxCENnAM6gtnj+3h4RUOrWgYYn9Tm17dwjfnRfr3
NiTy5eSnhbeSmXtDfkc6NMXDhTnqJ3TjirvrcGxN2LU+qr203YbghI9h2UV3PYfa
2nQjQLaHx/UlzH3Y4B3f4+4nvrO61SMimlVe9re+ioDEyBuMjQPD8zXF4wARAQAB
tCxFcmljIER1bmNhbiAoZWR1bmNhbjkxMSkgPG1lQGVkdW5jYW45MTEuY29tPokC
PwQTAQIAKQIbAwIeAQIXgAUCU+u6dgoLCQ0IDAcLCgMCCBUKCQgLAgMBBRYCAwEA
AAoJEFzg+VqlEKqM9+8P/1hjl1/5tc/e7InRwiFUOsKeiWNaAPupSgNyKXplzTIl
lqUXewLLOdZIzwbR/lgje9f5/bs0GKzIQ8/VtVdVd+JHjWZss9uQolxnR4uxds8w
+ymMoHa9bhX6zwSzlj3ns+ywAk4BaZ4yLmXl9TQoW2NS9FyPZf9jNeR7+mvnOFPS
WRouHm4vO8ePqXCpdkb0aeS6piSsMut1Mg6JRKO0zsJn8M8PChPY1tR6HLpmEjRC
Kp/L3EsULhmCPjfGiVOetVOC6hXv68Us1N2D/P5sIR3MCQO4dJ6lHoL7enwGv7Wr
3/couuaI41OJFB+C3eW3a3KPZBZ6FqOo+9Zp043Et4FtTw2fu9lsDhwPoDEbohX9
S/ZRQUZpEfE/kC/0XbQDrgFo3UbhNlu2etfkIpnL6Fb3PS9eXhmcCPuXMTMM37BL
XiV6+0MRodbrK8fsv1eXnNftJvIteN6Z63/ForVt9jpfV5g802egKrbcfX72M84h
7pNCLaoagabT+vbZq5eP9PLWPvT6DS8HyiTGhWSPf0X6zjBOmPEXGazj3v0rX5uh
2r/YqXT7MWVugRJdCAF93zTDEVkWBcqr/kbc/77XrG4Wn7ajaBi4KkjTfwOX8Gcb
kZ3WObZg8Ex1JLtwOocqn6YVYxas5t0ORoE8ZSAtcLhqJC7MCpmpAueYdM7gFMul
uQINBFPrubYBEAC6NiEFIc71gwwVUe2L8t6t5h7ximMY0lcW3Vocc5hQqJkEqGyH
D3Jimo2sfC7yWV76RZlgqZJ6CIZRwHYnX6WeXGSF7XCYs5Q6lfV+s1QCLOVi9t8/
/ABtzk5DKAi5dGFMfIVVv9eyqRaP5TXolxE054o9YGsM2SAxObBMbGQkWWIr9sqh
jGNpj/jO4zuGpzvFZdtJeDaME1M8e81omeEhc8+9ely6BM/7ktikwx6wuvElc6hc
DSp5M87nDKhaJmWK69T4IM2Rx/C6kemGPqX9o0nWl6+8lsBBSKLHJd5a38Acxchi
rDUPObIPRmXb/QtWDaswZmfNgny+gNtaGpjK1RQC6JhEoTfuH4F4GstP1DjO8zK5
5TbDJdu3alTrruT9rgBzIyhlidYOiAmPjppkFgmeifB3q5mLP3ZoRSJ0hnCw120w
O4FNyeHrWT2xNsMsINHx8BmfS5lhTur22adX9+lNYxrLSAqoy3tkqXirwnZJzqI5
MopP3UHv7KpHfah+FnfOU2l+MUlEZ9cBHwRkWYthSaiyI7c0MUOgi+6GA90ltR0Z
C39hfeJmgOm/8N6uBClrp1z7a+Ss11ntjxBI+wwtMbpA6jr3Be+n6UOjNXxCowf6
uG1iP711vdRgRtbMm3aG9R6412s8qQH+mH/d0XXB5YS1NycGuk4rWGezDQARAQAB
iQIfBBgBAgAJBQJT67m2AhsMAAoJEFzg+VqlEKqMXrkP/i/Vbm12xBXHToZ1q/IG
Pzu4dTZgiGARc5kZy9qWv5pZ1QaXsS03xgO0k0lR25chg6ihgtilj75Gz5+prT2o
tpTgO5B64za+ptbxwydOepaIWK4fhYE1St2MTqtFR3CktzzCftTAgsy846/oxFwD
OAwql/5YRD7UgkRbnnV44kl6zoksSnfVAmCQIPVtaNdM8vKUFXHtVIsoqujy37wa
Y/FFdYpowDCb9SMgae7zvf0wvj8YjkoWznkl0ewHsjq4n9WXlXtPgMtnkI/QX0k7
90tJSNygG85DCoHtntHy7JfgwJTtrt3OMp1dIArcu79fKGrz4ydZTbRb6F9l+xde
q4/sYNDdsF4aTsEZFEOzlSzLWyws1a3tFkd9x7wiaaQPc+d9UqN3KcS/T6Zsx6gC
FelP9T+kQPfp3m8QpDMos3GbMjVnM5J63/Rbfcreu6lAaz7fD4/ofvp+0m2hCJmD
Kni4l7ctNov7HN5poOb0okOTUbFsCjI0tg67iDXJP+q16j0kmKm0E9HprpmF1W90
9GGtq4XCPMWAuQi3MqOPTVTbMsfJBhjC1UDv/IU/NyE/Nb0W4eMSmI73bb6Rqmu/
VAhlv4/Rkx/XzLX4Sj0EpzORGnJdxQ42+5tpVW+EzX6+jGblZ71QCf8lxT1OLIDL
elamU/ePiUlrHh987C4x2r3n
=Dstu
-----END PGP PUBLIC KEY BLOCK-----
Verification Fingerprint
1
2
3
Key fingerprint = 78A9 13EA AF81 2415 4B50  0B2A 5CE0 F95A A510 AA8C
Long Key ID     =                                5CE0 F95A A510 AA8C
Short Key ID    =                                          A510 AA8C

Verifying Me: Eric Duncan, aka eduncan911

You can use the fingerprints above to verify the PGP key if you trust my website to be an authoritative source.

To verify that my website has not been tampered with, you may review the commit history on GitHub for any updates other than me along with the datetime of the last updates:

https://github.com/eduncan911/eduncan911.github.io/blob/master/keys/index.html

This link shows this actual page you are viewing right now as it is being hosted directly on GitHub Pages (GitHub served you this page, as you are reading it).

Therefore, it can be safe to assume verification of my fingerprint by viewing any tampering or updates to this file in the commit history listed on GitHub.

My GitHub account is protected by two-factor authentication so you can assume that my username/password has not been compromised for an unauthorized update to this page.

GnuPG Tips

I am archiving a list of gpg2 commands I use from time to time for me when setting up new systems, generating new keys, revoking, etc. Feel free to use them as you wish.

Most of these I have sourced from Alan Eliasen and I highly advise you read that link.

Generate a New Key

Generate a PGP Key using GnuPG
1
gpg2 --gen-key

Make sure to pick 4096.

Use Stronger Algorithms Before Posting the Public Key

These sets of commands will change the algorithm used even though GnuPG Version 2 already upgraded it to pretty strong ones. That Version 2 upgrade though doesn’t allow for older weaker encryptions possibly used by other addressees in the same email. Therefore by setting the chain below, we stay compatible with older versions of GnuPG software that uses weaker algorithms by default that happen to be addressed in the same email (e.g. mostly Windows users).

Upgrade the Algorithms used
1
2
3
4
5
6
gpg2 --list-keys
gpg2 --interactive --edit-key your@email.address
gpg> showpref
gpg> setpref AES256 CAMELLIA256 AES192 CAMELLIA192 AES CAMELLIA128 TWOFISH CAST5 3DES SHA512 SHA384 SHA256 SHA224 SHA1 RIPEMD160 MD5 ZLIB BZIP2 ZIP Uncompressed
gpg> showpref
gpg> save

Generate a Revocation Key

Be smart and generate a revocation key and store it indefinitely in a secure location so you don’t look like an idiot.

Generate a Revocation Key
1
gpg2 --gen-revoke --armor --output=RevocationCertificate.asc your@email.address

Get the Public Key

Now that you have updated the algorithms and setup a revocation certificate, your public key is ready to be published.

Get the Public Key
1
gpg2 --armor --export your@email.address

Fingerprint: Verifying Identities

So that others can verify your identity, generate a fingerprint that you can carry in your wallet, show over Skype video chat, etc.

Print your Fingerprint
1
gpg2 --fingerprint your@email.address

Use the command above to print out the fingerprint of other people’s fingerprint for verification.

Backing up a Secret Key

One method is to export your key as ASCII that allows you to print it (for rescanning later as it would be error prone to type it manually), or to store it in a key store (which in itself may be a bad idea).

Exporting a Secret Key for Backup
1
gpg2 --export-secret-key --armor

Optionally, you can specify --output filename to dump it to a file.

Signing Someone’s Public Key for Local Usage

So get rid of the warnings in email clients, signing the public key tells your system that you have verified and you trust the public key.

Signing a Public Key
1
gpg2 --sign-key their@email.address

Or for trusting someone on a low level:

Signing a Public Key, with Trust levels
1
2
3
4
5
gpg2 --interactive --edit-key their@email.address
gpg> sign
gpg> trust
gpg> save
gpg2 --export --armor their@email.address

Import Someone’s Signing of Your Public Key

After someone verifies who you are, they may want to send you a signed certificate. You can import this signed certificate locally for any emails you send to them in the future.

Importing a Signed Key
1
gpg2 --import

Locally Signing Someone’s Key

If you don’t care about verifying the identity of a person’s public key, you can just locally signing their public key blindly ignoring it.

Blindly Sign Someone’s Public key
1
gpg2 --lsign-key their@email.address

Publishing your Public Key

You may want to publish your key using GnuPG’s command line, especially to multiple servers.

Publishing your key
1
2
gpg2 --list-keys your@email.address
gpg2 --keyserver pgp.mit.edu --send-keys [KEYID]

The Web of Trust dictates good practice of personally verifying someone’s PGP keys by publishing your signed version of their PGP key publicly. Once you sign their key using the procedures above, you can publishing their key using the same —send-keys method above.

Encrypting a File

You can encrypt files using PGP.

Encrypt a File
1
gpg2 --encrypt --sign -r your@email.com filename

If you want to be able to decrypt the file in the future, you must add your own email address to the list of receiptents. The -r does this for you.

But say you want to one-time encrypt something to send. Most email clients keeps a Sent history (if you are sending it in email). You don’t want this! What if your private key gets compromised and a few years goes past – then, someone with that old private key has the ability to decrypt that old email archived off in your Sent folder.

Therefore, you can omit your own email address. Just remember you will never be able to decode it – ever.

Alternatively, you can encrypt it with —armor that will print out the contents in ASCII mode, making it easier to paste into a text file or email.

Encrypt a File with ASCII Output
1
gpg2 --armor --encrypt --sign -r your@email.com filename

Summary

That’s about it for the tips.

There is a lot of reasons I skipped over that is listed on Alan Eliasen’s site. I pretty much consider it required reading before I trust you as a PGP sender.

> Revision History