I am trying to setup pEp on an iPhone and iPad. I have pgp keys already on my main computer and an Android tablet. It looks as if I need to set my keys into a file and have it uploaded to an iTunes account. Is this really secure? My private key would be setting on a server not controlled by me.
iOS key import security?
- 13 replies
- last reply by skida Feb. 23, 2022
-
-
Hey TitaniumMan,
on Android you can import your keys directly via a file and then you can sync with your iOS devices directly - that way there is no need to have iTunes involved. Maybe thats better for you then?
https://www.pep.security/docs/android.html#pgp-key-import
and
https://www.pep.security/docs/general_information.html#pp-sync -
Ok, didn't wrap my head around the pEp usage yet. I was defaulting to pEp on the iPhone because I couldn't find an alternative for openPGP. I use k-9 with openkeychain on Android and Evolution (with openPGP) on my computer. If one of the devices uses pEp, then I can sync from there, got it. I have also found mobiMover here: www.easeus.com/iphone-data-transfer/transfer-files-from-pc-to-iphone-without-itunes.html. So I will try this one first. As a new pEp user, I will see how this goes, and maybe move the other devices over to pEp. I will post my results with mobiMover so others can know what does and does not work.
Thank you.
-
Ok. MobiMover does not work. But I had another thought. If I cut and paste the private key into my email, and then encrypt it with my private key, attach my public key, and then email it and open it in pEp, would I be able to unencrypt it?
-
Nevermind that message. I realize that won't work. I will try your original suggestion.
-
Perhaps you could use
github.com/marchellodev/sharik
to upload the private key to your iPad or iPhone without involving a second server.
(a time ago, snapdrop.net worked fine, too, but at the moment this project seems dead)
(another project which I havn‘t tried yet is github.com/LANDrop/LANDrop )
-
Thank you skida. The sharik process allowed me to get the keys over. Now I am having trouble importing them. When I select pgp key import from inside the app, I just see a blank screen. If I try to set my own key and type in the fingerprint of the key I want to import it doesn't accept it. Is there a process for getting the keys to pEp? Thanks.
-
If I remember correctly, you have to put your private key into the pEp-Folder of your iPad or iPhone. Its ending has to be „.asc“.
-
ugh! This didn't work! Sharik sends the keys to the download folder connected to icloud!!! The keys have been compromised! I have to make all new keys!!
-
oh, sorry for this. I really did not intend to anger you; I didn‘t know, because on my iPad the download folder is local and not on icloud…
Anyway, if you want to be really secure, you shouldn‘t use an OS whose manufacturer you don‘t trust. But such platitudes don‘t help now, I know.
-
By the way, I tried the same (importing a key from GPG into pEp), but it was useless: There is no option to import other public keys into pEp manually, so I could not write to other GPG-users encrypted. And I did not find a way to export public keys from pEp, so that I cannot write to other pEp-users from my GPG-account because I don‘t have their keys. The public keys are sent by pEp somehow together with the message, and GPG cannot handle this.
So my conclusion is, that pEp und GPG are incompatible. Perhaps (hopefully!!) I‘m wrong, and if, please correct me.
-
Hey Skida,
You're wrong :p
www.pep.security/docs/general_information.html?highlight=pgp
"p≡p is not OpenPGP, but uses keys in the OpenPGP format. In order to support all users, p≡p has also implemented an OpenPGP mode which supports and automates OpenPGP standards as much as possible when the other party is an OpenPGP user." (PGP is the standard, and GPG its one of its implementations.)p≡p itself is based on sequoia: sequoia-pgp.org/
The very easiest way to import keys of others is, to just add the key as an attachment to an email and send it to yourself. In Thunderbird there is a particular public key import function for this, and the other apps might follow soon (or misusing the private key import for that works often, too).
But still: The "send a mail to yourself" option is just the very easiest :)Here as well, the easiest is to just grab it from a random outgoing email - as every mail has the key attached. pEp-clients will hide that key, but if you open the mailbox in any other interface (e.g. webmail or just the good old plain-text-view) you can just grab the "sender_key.asc" attachment, and save it somewhere as "myPublicKey.asc" as you wish.
There might be a GUI way as well to export, which I dont even know about... cause grabbing from the mail is just the easiest. Same for external communication partner btw :)
-
My anger is at my own stupidity. I should have turned off backups. I am more frustrated with Apple than anything else.
-
Oh, great! Thank you for your explanation! I didn‘t recognize the public key from my own mail when writing to another mail address. But perhaps there was another error because of the failed sync-process….
I will try again.
