当前位置: 首页 > 工具软件 > Keybase > 使用案例 >

keybase

柯耀
2023-12-01

Install Keybase

Keybase is a website, but it’s also an open source command line program. Let’s walk through a terminal example, which illustrates what Keybase does. All of this can be embedded into other software, written by anyone.

We can get more information about top security researchers in the world with keybase.

# installation walkthrough
npm install -g keybase-installer

keybase-installer   # this gets the latest version
keybase version     # this should then work!
keybase help        # this should be helpful!
keybase signup      # reserve that username

Keybase Help

lab:~/ $ keybase help
usage: keybase [-h] [-v] [-p PASSPHRASE] [-c CONFIG] [-i] [-d] [-q] [-C]
               [--port PORT] [--no-tls] [--host HOST]
               [--api-uri-prefix API_URI_PREFIX] [-B] [--preserve-tmp-keyring]
               [--homedir HOMEDIR] [-g GPG] [-x PROXY]
               [--proxy-ca-certs PROXY_CA_CERTS] [-O] [-M MERKLE_CHECKS]
               [--tor-proxy TOR_PROXY]
               [--tor-hidden-address TOR_HIDDEN_ADDRESS] [--tor-leaky] [-S]
               [-T]

               {btc,bitcoin,cert,dir,code-sign,config,decrypt,dec,encrypt,enc,help,id,identify,join,signup,keygen,gen,generate,list-signatures,list-sigs,list-tracking,login,logout,pull,push,prove,proof,reset,nuke,revoke,revoke-signatures,revoke-sig,search,sign,sig,status,switch,track,untrack,unverify,update,verify,version,vers}
               ...

keybase.io command line client

Optional arguments:
  -h, --help            Show this help message and exit.
  -v, --version         Show program's version number and exit.
  -p PASSPHRASE, --passphrase PASSPHRASE
                        passphrase used to log into keybase
  -c CONFIG, --config CONFIG
                        a configuration file (~/.keybase/config.json)
  -i, --interactive     interactive mode
  -d, --debug           debug mode
  -q, --quiet           quiet mode; only show errors, suppress info and 
                        warnings
  -C, --no-color        disable logging colors
  --port PORT           which port to connect to
  --no-tls              turn off HTTPS/TLS (on by default)
  --host HOST           which host to connect to
  --api-uri-prefix API_URI_PREFIX
                        the API prefix to use (/_/api/1.0)
  -B, --batch           batch mode; disable all prompts
  --preserve-tmp-keyring
                        preserve the temporary keyring; don't clean it up
  --homedir HOMEDIR     specify a non-standard home directory; look for GPG 
                        keychain there
  -g GPG, --gpg GPG     specify an alternate gpg command
  -x PROXY, --proxy PROXY
                        specify a proxy server to all HTTPS requests
  --proxy-ca-certs PROXY_CA_CERTS
                        specify 1 or more CA certs (in a file)
  -O, --no-gpg-options  disable the GPG options file for temporary keyring 
                        operations
  -M MERKLE_CHECKS, --merkle-checks MERKLE_CHECKS
                        check that users' chains are reflected in sitewide 
                        state, one of {none,soft,strict}; soft by default
  --tor-proxy TOR_PROXY
                        specify a Tor SOCKS proxy
  --tor-hidden-address TOR_HIDDEN_ADDRESS
                        specify the Tor hidden address for keybase.io
  --tor-leaky           override Tor strict mode
  -S, --tor-strict      Don't show any user-identifiable information to 
                        server; might break some features
  -T, --tor             enable Tor proxying with default settings; requires 
                        Tor Socks5 proxy on port 9050

subcommands:
  {btc,bitcoin,cert,dir,code-sign,config,decrypt,dec,encrypt,enc,help,id,identify,join,signup,keygen,gen,generate,list-signatures,list-sigs,list-tracking,login,logout,pull,push,prove,proof,reset,nuke,revoke,revoke-signatures,revoke-sig,search,sign,sig,status,switch,track,untrack,unverify,update,verify,version,vers}
    btc                 add a signed cryptocurrency address to your profile
    cert                print out the CA cert the client uses to authorize 
                        HTTPS connections
    dir                 sign or verify a directory's contents
    config              make an initial configuration file
    decrypt             decrypt a file
    encrypt             encrypt a message and output to stdout or a file
    help                display help
    id                  Identify a user, but don't accept or reject trust
    join                establish a new account on keybase.io
    keygen              generate a new PGP public key and optionally push it 
                        to the server
    list-signatures     list of your non-revoked signatures
    list-tracking       list people you are tracking
    login               establish a session
    logout              logout from the server
    pull                pull your public (& private, if possible) key(s) from 
                        the server
    push                push a PGP key from the client to the server
    prove               add a proof of identity
    reset               reset the local setup, deleting all local cached state
    revoke              revoke the currently active PGP keys
    revoke-signatures   revoke a proof or signature
    search              search all users
    sign                sign a message
    status              print current status
    switch              switch to a different user, and nuke the current state
    track               verify a user's authenticity and optionally track them
    untrack             untrack this user
    update              update the keybase client software
    verify              verify a file
    version             output version information about this client

Keybase Demo


lab:~/ $ keybase id hdm
✔ public key fingerprint: 98EF 5533 E7EA FD56 9669 59B5 7549 FB3D B1DD 1F32
✖ "hdmoore" on twitter: https://twitter.com/hdmoore/status/572885946594566145 (failed with code 160: ETIMEDOUT)
✔ "hmoore-r7" on github: https://gist.github.com/f16a34183692b7682774
✔ "hdmdh" on reddit: https://www.reddit.com/r/KeybaseProofs/comments/2xu771/my_keybase_proof_reddithdmdh_keybasehdm/
✔ admin of hdm.io via HTTPS: https://hdm.io/keybase.txt

lab:~/ $ keybase search -j exploit
[
  {
    "username": "exploit",
    "score": 1.1
  },
  {
    "username": "hexploitable",
    "key": "ed7690d3cb6fed5918477b6d7991842bdcda1f69",
    "github": "hexploitable",
    "twitter": "hexploitable",
    "websites": [
      "dns//hexplo.it"
    ],
    "score": 0.011923076923076925
  },
  {
    "username": "soleblaze",
    "key": "621904bcad0aa109bc11b65d748251e4e26f7953",
    "github": "soleblaze",
    "twitter": "soleblaze",
    "reddit": "soleblaze",
    "websites": [
      "dns//exploits.sexy",
      "dns//skyshadows.net"
    ],
    "score": 0.011111111111111112
  },
  {
    "username": "spaze",
    "key": "4bd4c403af2f9fccb151fe61b64bdd6e464ab529",
    "github": "spaze",
    "twitter": "spazef0rze",
    "websites": [
      "http://exploited.cz",
      "http://www.dearcomfortzone.com",
      "https://www.michalspacek.cz"
    ],
    "score": 0.010000000000000002
  },
  {
    "username": "adamcompton",
    "key": "7a71df0bf4905f4fef95aeb3d32b2743762d5196",
    "github": "tatanus",
    "twitter": "tatanus",
    "websites": [
      "http://www.exploitsearch.net"
    ],
    "score": 0.0011111111111111111
  }
]

References

https://keybase.io/

 类似资料:

相关阅读

相关文章

相关问答