age: actually good encryption

What

AGE - Actually Good Encryption

Really easy to use (I mean, compared to GPG…)

#TODO: check out minisign for signing

GPG vs AGE

• Github discussion
• Blog post
• age: the modern alternative to GPG

TLDR:

• age has better simplicity if the main goal is encryption
• However, gpg has signatures

Documentation

Personally, I found the docs to be a little… terse. But, that could very well just be a “me” problem.

Luckily, it’s AGE is ultimately quite simple - and a few blog posts got me to where I need to be. I’m not going to rehash what’s already in the docs, but here are some short notes & thoughts:

Check contents of passphrase-protected keypair

You might not know to do this, but you can (maybe someone else that isn’t me would have intuited this faster). Useful if you forgot the public key. Caveat: you must remember the passphrase 😅

$ age -d ./key.age
Enter passphrase:
# created: 2023-08-19T20:04:32+08:00
# public key: age156umuxyuwxqsyydf74ekxlcantyemphv3du0fcum0f9vnkjck3jsf5eldt
AGE-SECRET-KEY-SOME-LONG-STRING

Send stuff through SSH

This is really cool.

$ curl https://github.com/benjojo.keys | age -R - example.jpg > example.jpg.age

You don’t even need a recipient’s AGE key to encrypt stuff for someone. You can just use their ssh key.

Now, if only I had someone to send stuff to…