Some conversation with our support might require the exchange of sensitive data.
To avoid letting this information reside in clear in the mailbox, we use GPG to crypt / decrypt this data.

Send sensitive data to the support

Firstly, import our public key:

$ gpg --keyserver keyserver.ubuntu.com --search-key support@cloud-iam.com
...
gpg: key ...: public key "Cloud-IAM Support Team <support@cloud-iam.com>" imported
...

Then, crypt and sign the file with the following command:

$ gpg --output secret-files.txt.gpg --encrypt --recipient support@cloud-iam.com secret-files.txt
$ shasum -a 256 secret-files.txt | awk '{print $1}' > secret-files.txt.sha256sum
$ gpg --output secret-files.txt.sha256sum.sig --sign secret-files.txt.sha256sum

The file secret-files.txt.gpg is now crypted and only Cloud-IAM Support Team will be able to decrypt and read it 👌.
If you associate the secret-files.txt.sha256sum.sig file, we will ensure the file has not been compromised.

Receive sensitive data from the support

If you want the support to send you sensitive data (password reset, exports, ...), you'll need to somehow provide your public key.

If you don't have yet a GPG key, please follow the instructions to export the public key.

$ gpg --full-generate-key
...
$ gpg --output public.pgp --armor --export my-email@acme.inc

You can then send us your public key or publish it on a public key server such as keyserver.ubuntu.com and then send us the email associated with your public key.

When you will receive the crypted data, you simply need to run the following command to get them in clear:

$ gpg --decrypt sensitive-data.txt.gpg --output sensitive-data.txt

Updated on: 04/01/2023