From f215a665060213a278e152a723f030587b7640f1 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Sat, 15 Jun 2019 11:24:00 +0900 Subject: [PATCH] chg: [doc] Added more bits to GPG key. --- INSTALL/INSTALL.sh | 4 +++- INSTALL/INSTALL.sh.sfv | 6 +++--- INSTALL/INSTALL.sh.sha1 | 2 +- INSTALL/INSTALL.sh.sha256 | 2 +- INSTALL/INSTALL.sh.sha384 | 2 +- INSTALL/INSTALL.sh.sha512 | 2 +- docs/generic/globalVariables.md | 4 +++- 7 files changed, 13 insertions(+), 9 deletions(-) diff --git a/INSTALL/INSTALL.sh b/INSTALL/INSTALL.sh index 47b3a35f1..ac0ef2d71 100644 --- a/INSTALL/INSTALL.sh +++ b/INSTALL/INSTALL.sh @@ -120,9 +120,11 @@ MISPvars () { # GPG configuration GPG_REAL_NAME='Autogenerated Key' + # On a REAL install, please do not set a comment, see here for why: https://www.debian-administration.org/users/dkg/weblog/97 GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!' GPG_EMAIL_ADDRESS='admin@admin.test' - GPG_KEY_LENGTH='2048' + # 3072 bits used as per suggestions here: https://riseup.net/en/security/message-security/openpgp/best-practices + GPG_KEY_LENGTH='3072' GPG_PASSPHRASE="$(openssl rand -hex 32)" # debug alias to make sure people are not confused when blindly copy pasting blobs of code diff --git a/INSTALL/INSTALL.sh.sfv b/INSTALL/INSTALL.sh.sfv index 69c3649ef..e1ab5e0b2 100644 --- a/INSTALL/INSTALL.sh.sfv +++ b/INSTALL/INSTALL.sh.sfv @@ -1,5 +1,5 @@ -; Generated by RHash v1.3.8 on 2019-06-14 at 22:52.36 +; Generated by RHash v1.3.8 on 2019-06-15 at 11:23.55 ; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/ ; -; 94592 22:52.36 2019-06-14 INSTALL.sh -INSTALL.sh D9B9052B1A36F9508133A30FA0CF032C8CC8ED2A BC04A3389E86FF6AAD8CF2A65EC90B9B9D67BAE8AE587D7D41FEC604622E4FE5 7368C27CFACEE38F698E2B6A1DEF9AB7C94E2FBD9DB6970BF14ED5F666A7DFB2C7D3CAAF5A464D1E3249929D60C56504 39CED06A3E493DA6309C2362056E90821CAF9215D644FF351ED76E7E76F7655FDBE7EC4F47BA6D04ABE6E084707C2B21C4F0F689CFE579EC7BA561137FE8538B +; 94835 11:23.55 2019-06-15 INSTALL.sh +INSTALL.sh 564E41C2909579424D411DECDF4A4254C397873B CDD652ACC031C5514D9ACAAEB5BD97211FCB892F38416DA6FB31320BB6882858 42B4551EC3F8FFD625944B3B4482078E6F5BF4D2A72DB155138BE31CE66BFA8A7D59F01D39107C0BB747270BC925121D A46B9891C1496E035C4F1281246AB44811503F6980A46050AF24A8D2849ABC8DC78F5F765A1F7915593B9AFB4073492546D36E471045C4785E2998EA984C0751 diff --git a/INSTALL/INSTALL.sh.sha1 b/INSTALL/INSTALL.sh.sha1 index dad0bcc7d..ccdd939af 100644 --- a/INSTALL/INSTALL.sh.sha1 +++ b/INSTALL/INSTALL.sh.sha1 @@ -1 +1 @@ -d9b9052b1a36f9508133a30fa0cf032c8cc8ed2a INSTALL.sh +564e41c2909579424d411decdf4a4254c397873b INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha256 b/INSTALL/INSTALL.sh.sha256 index 1276424f8..286753542 100644 --- a/INSTALL/INSTALL.sh.sha256 +++ b/INSTALL/INSTALL.sh.sha256 @@ -1 +1 @@ -bc04a3389e86ff6aad8cf2a65ec90b9b9d67bae8ae587d7d41fec604622e4fe5 INSTALL.sh +cdd652acc031c5514d9acaaeb5bd97211fcb892f38416da6fb31320bb6882858 INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha384 b/INSTALL/INSTALL.sh.sha384 index 8c070cc4a..96ea6193a 100644 --- a/INSTALL/INSTALL.sh.sha384 +++ b/INSTALL/INSTALL.sh.sha384 @@ -1 +1 @@ -7368c27cfacee38f698e2b6a1def9ab7c94e2fbd9db6970bf14ed5f666a7dfb2c7d3caaf5a464d1e3249929d60c56504 INSTALL.sh +42b4551ec3f8ffd625944b3b4482078e6f5bf4d2a72db155138be31ce66bfa8a7d59f01d39107c0bb747270bc925121d INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha512 b/INSTALL/INSTALL.sh.sha512 index a24440261..6e462ef48 100644 --- a/INSTALL/INSTALL.sh.sha512 +++ b/INSTALL/INSTALL.sh.sha512 @@ -1 +1 @@ -39ced06a3e493da6309c2362056e90821caf9215d644ff351ed76e7e76f7655fdbe7ec4f47ba6d04abe6e084707c2b21c4f0f689cfe579ec7ba561137fe8538b INSTALL.sh +a46b9891c1496e035c4f1281246ab44811503f6980a46050af24a8d2849abc8dc78f5f765a1f7915593b9afb4073492546d36e471045c4785e2998ea984c0751 INSTALL.sh diff --git a/docs/generic/globalVariables.md b/docs/generic/globalVariables.md index 412c542bf..420befbe1 100644 --- a/docs/generic/globalVariables.md +++ b/docs/generic/globalVariables.md @@ -57,9 +57,11 @@ MISPvars () { # GPG configuration GPG_REAL_NAME='Autogenerated Key' + # On a REAL install, please do not set a comment, see here for why: https://www.debian-administration.org/users/dkg/weblog/97 GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!' GPG_EMAIL_ADDRESS='admin@admin.test' - GPG_KEY_LENGTH='2048' + # 3072 bits used as per suggestions here: https://riseup.net/en/security/message-security/openpgp/best-practices + GPG_KEY_LENGTH='3072' GPG_PASSPHRASE="$(openssl rand -hex 32)" # debug alias to make sure people are not confused when blindly copy pasting blobs of code