Privex Inc. GPG Key List

Privex Inc. GPG Key List

Whether you're looking for our shared customer support key, our CEO - Chris (Someguy123)'s key, or even our Package Signing Key (DEB/DSC/RPM/etc.), all of our GPG keys are listed on this page, in both an easy to navigate and read table, and in-depth explanations of what each key is for, when/why to use it, etc.

Not sure how to use GPG? We have a guide that explains the purpose of GPG (GNU Privacy Guard, sometimes called PGP - Pretty Good Privacy), along with the basics on using GPG's command line interface HERE

Generally, as a TL;DR: - if you're just wanting to encrypt your communications between yourself and Privex Support, you should use our Privex Shared Support Key, which is shared between our most trusted staff members, and is re-issued every 2 years or less - to protect against the risk of key compromise, or use by staff who have left the company:

Privex Shared Customer Support Key - for general encrypted GPG communications with Privex Support

Fingerprint: 17E8 77C3 5C3E 886A 5232 6C6A 288D D163 2F6E 8951 (17E877C35C3E886A52326C6A288DD1632F6E8951)

Long Key ID: 288D D163 2F6E 8951 (288DD1632F6E8951)

Short Key ID: 2F6E 8951 (2F6E8951)

Expiration Date: 2023-01-19 (Jan 19th 2023)

Direct download (hosted on our site): privex-support-2021-2023.asc

Table of Privex GPG Keys

NameShared?Fingerprint (last 8 chars = short keyid, last 16 = long keyid)ExpiresDownload
Privex Support TeamOnly long-term staff members who are 100% trusted to preserve customer privacy 17E8 77C3 5C3E 886A 5232 6C6A 288D D163 2F6E 8951 2023-01-19 (Jan 19th 2023) privex-support-2021-2023.asc
Privex Inc. Package Signing Key (DEB / RPM / etc. packages, including apt.privex.io custom packages) Currently only Chris + Kale. Only used for signing packages on apt.privex.io 3743 5560 EA6B 93F0 2B53 2F18 A07A E80F E77A B97B 2022-11-06 (Nov 6th 2022) apt.privex.io-packaging-2020-2022.asc
Chris S. / Someguy123 (CEO)NO! Staff personal key - never shared! A4A1 0213 ECA1 B50E 32E6 9180 DDB3 6F2B 5528 4433 No Expiry. chris-someguy123-privex-2017.asc
Kale S. / Kryogenic (CTO)NO! Staff personal key - never shared! 4274 DEF7 4745 3454 CDA6 AED5 BED8 EFF8 9F1F 7520 No Expiry. kale-privex-2019.asc

Quickly download all Privex GPG public keys at once

Download and import into GPG with a one-liner

We publish a combined.asc file on our CDN, in the /gpg/privex/ folder - which contains all of our current GPG public keys, glued together in one single file, simply separated by a newline.

Direct link: https://cdn.privex.io/gpg/privex/combined.asc

One-liner shell command to download and import all of Privex's GPG keys into your GPG keyring:

curl -fsSL https://cdn.privex.io/gpg/privex/combined.asc | gpg --import

Using gpg --recv-keys

(1) Download and import GPG keys

One of the best ways to obtain people's GPG keys is by using GPG's key downloading functionality. (gpg --recv-keys)

The following command will import all of these keys:

  • Privex Customer Support Shared Key (2021 to 2023) 288DD1632F6E8951
  • Kale S. - Privex CTO BED8EFF89F1F7520
  • Chris / Someguy123 - Privex CEO DDB36F2B55284433
  • Privex Inc. Package Signing Key (for apt.privex.io DEB packages) A07AE80FE77AB97B

Command

# Download + import Privex Customer Support Shared Key + Kale S. - Privex CTO + Chris / Someguy123 - Privex CEO + Package Signing Key
gpg --recv-keys DDB36F2B55284433 BED8EFF89F1F7520 288DD1632F6E8951 A07AE80FE77AB97B

# gpg: /home/john/.gnupg/trustdb.gpg: trustdb created
# gpg: key A07AE80FE77AB97B: public key "Privex Inc. Package Signing Key (Privex signing key for DEB / RPM / etc. packages, including apt.privex.io custom packages) <packaging@privex.io>" imported
# gpg: key 288DD1632F6E8951: public key "Privex Support (Shared key by Privex Inc. support team for Jan 2021 to 2023) <support@privex.io>" imported
# gpg: key BED8EFF89F1F7520: public key "Kale S <kale@privex.io>" imported
# gpg: key DDB36F2B55284433: public key "Christopher S. (Privex CEO) <chris@privex.io>" imported
# gpg: Total number processed: 4
# gpg:               imported: 4

(1.1) If (1) outputted an error - fix and prevent keyserver issues

If you get an error, such as "keyserver unavailable" or "keyserver name not found", your GPG may have a broken keyserver configured.

To fix this, you should ensure you have a GPG config file, and set your keyserver to a working keyserver, such as the OpenPGP keyserver: hkps://keys.openpgp.org

Commands to fix keyserver config

mkdir -p ~/.gnupg
# You should probably run this command to set keys.openpgp.org as your
# default keyserver (fastest and most reliable as of Jan 2021)
echo "keyserver hkps://keys.openpgp.org" | tee -a ~/.gnupg/dirmngr.conf | tee -a ~/.gnupg/gpg.conf

(1.2) Re-run the recv-keys command if you had to fix your config

If you had to fix your keyserver config in the previous section - you should try re-running the recv-keys command, which should hopefully work this time.

Command

gpg --recv-keys DDB36F2B55284433 BED8EFF89F1F7520 288DD1632F6E8951 A07AE80FE77AB97B

(1.3) Still having trouble downloading the keys with recv-keys?

If you still get a keyserver error, despite having adjusted your config with section 1.1 - then you can try forcing GPG to use a specific key server, such as keys.openpgp.org - for one command:

Command

gpg --keyserver hkps://keys.openpgp.org --recv-keys DDB36F2B55284433 BED8EFF89F1F7520 288DD1632F6E8951 A07AE80FE77AB97B

Individual keys explained

Privex Support

For general encrypted communication with the Privex support team, use this key. This key is shared with our long term highly trusted employees for reading and responding to all support enquiries.

NOTE: As this key is shared by multiple people, it may occasionally be re-generated when staff members leave or if we believe the key may have been compromised.
For extra security, the key has an expiry time of 2 years and must be regenerated after that.

Fingerprint: 17E8 77C3 5C3E 886A 5232 6C6A 288D D163 2F6E 8951 (17E877C35C3E886A52326C6A288DD1632F6E8951)

Long Key ID: 288D D163 2F6E 8951 (288DD1632F6E8951)

Short Key ID: 2F6E 8951 (2F6E8951)

Expiration Date: 2023-01-19 (Jan 19th 2023)

Direct download (hosted on our site): privex-support-2021-2023.asc

Kale S. (CTO of Privex)

Kale is our Chief Technical Officer, and also handles Tier 3 (advanced) server issues. For most server issues, we would suggest that you use the Privex Support key. If your server issues require us to handle sensitive information, you may wish to encrypt your support messages directly for Kale.

For the fastest response, we recommend using the standard contact methods, either via the Support Ticket System, or via the support emails at the bottom of this page. Simply state that the ticket is intended for Kale in cleartext, e.g. placing "for the attention of Kale" at the start of the ticket/email body.

If for some reason you must contact Kale directly, email kale [at] privex (dot) io

Fingerprint: 4274 DEF7 4745 3454 CDA6 AED5 BED8 EFF8 9F1F 7520 (4274DEF747453454CDA6AED5BED8EFF89F1F7520)

Long Key ID: BED8 EFF8 9F1F 7520 (BED8EFF89F1F7520)

Short Key ID: 9F1F 7520 (9F1F7520)

Direct download (hosted on our site): kale-privex-2019.asc

Chris S. (CEO of Privex)

Use the CEO's key for extremely sensitive matters, such as disclosures or concerns relating to a Privex employee. To contact Chris directly, email chris [at] privex (dot) io

If Kale is unavailable, Chris is also able to handle highly sensitive Tier 3 server issues. As previously mentioned, please send server issues via our normal support methods, with a cleartext notice to inform support staff to assign it to him e.g. "for the attention of Chris".

Fingerprint: A4A1 0213 ECA1 B50E 32E6 9180 DDB3 6F2B 5528 4433 (A4A10213ECA1B50E32E69180DDB36F2B55284433)

Long Key ID: DDB3 6F2B 5528 4433 (DDB36F2B55284433)

Short Key ID: 5528 4433 (55284433)

Direct download (hosted on our site): chris-someguy123-privex-2017.asc

Privex Inc. Package Signing Key

GPG Name: Privex Inc. Package Signing Key (DEB / RPM / etc. packages, including apt.privex.io custom packages)

Currently only Chris + Kale. Only used for signing packages on apt.privex.io

Unlike the previous 3 keys, this key is NOT intended for use by customers for encrypting their customer support messages. It's primary purpose is for signing DEB and DSC packages on apt.privex.io to ensure user's apt / apt-get package manager can verify the packages on our repo have legitimately been built / compiled by us, and not tampered with by a malicious third party.

Technically, it could be used when contacting packaging [at] privex dot io - e.g. in the event there's an emergency security update for one of the packages we publish on our apt repo, so that security researchers / developers can alert us securely, without potentially leaking the exploit details over the wire, or to staff who don't even deal with our packaging.

Fingerprint: 3743 5560 EA6B 93F0 2B53 2F18 A07A E80F E77A B97B

Long Key ID: A07A E80F E77A B97B

Short Key ID: E77A B97B

Expiration date: 2022-11-06 (Nov 6th 2022)

Direct download (hosted on our site): apt.privex.io-packaging-2020-2022.asc