QuickStart
Getting up & running with Aletheia doesn’t take long at all. The process is simple:
- Check out Setup to install Aletheia on your system.
- Use the aletheia command to generate your public and private keys. Have a look at The Command Line API for details on that.
- Put your public key on the web (details below)
- Sign your files using the aletheia command.
If you only want to use Aletheia to verify stuff you find online, you don’t even need to worry about steps 2-4.
A Little More Information
Let’s go over steps 2-4 a little closer as step 1 is pretty well covered in Setup.
Generating Your Keys
Aletheia allows you to attach your authorship to a file through a process called public key cryptography. The process is pretty simple:
- You use Aletheia to create two files: a private key and a public key.
- You keep your private key safe and don’t share it with anyone.
- You put your public key on your webserver where Aletheia knows to look for it.
- You use Aletheia to “sign” your files. This tags them in such a way that other people can then use Aletheia to verify the file came from you.
Key generation is a one-step process. Just open a shell and type this:
$ aletheia generate
That’ll take a few moments. When you’re done, you have to decide where you want to store your public key. You have two options:
- In your DNS configuration as a TXT record.
- On your webserver at /aletheia.pub.
You only need to do one of these, but it doesn’t hurt to do both.
Storing Your Key in DNS
As DNS TXT records don’t much like line breaks, you should store your key in OpenSSH format. So, the first step is to get your public key in said format:
$ aletheia public-key --format=openssh
Copy & paste the output of this command into a TXT record for your domain, prefixing it with aletheia-public-key=. The result should look something like this:
example.com. 3599 IN TXT "aletheia-public-key=ssh-rsa AAAAB3NzaC1yc2E…
Note that there’s an RFC that requires that TXT records not exceed a length of 255 characters, but the work-around is to store the single key as a series of strings on the same record. If you’re curious about what this looks like, make sure you’ve got dig installed and have a look at danielquinn.org:
$ dig danielquinn.org txt
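The splitting described above, as an added example (not Aletheia's own code): it cuts a prefixed key into strings of at most 255 bytes for one TXT record, then recovers the key from a domain's TXT records. The function names and the sample key are constructed for illustration, and it assumes a verifier joins the strings with no separator and treats anything other than exactly one key record as an error.

```python
# Added example: split an Aletheia public key across TXT strings and read it back.
PREFIX = "aletheia-public-key="   # prefix given in the text above
MAX_STRING = 255                  # longest single string a TXT record may hold


def txt_strings(openssh_key: str) -> list[str]:
    """Return the prefixed key cut into strings of at most 255 bytes."""
    value = (PREFIX + openssh_key.strip()).encode("ascii")
    return [value[i:i + MAX_STRING].decode("ascii")
            for i in range(0, len(value), MAX_STRING)]


def zone_line(domain: str, ttl: int, openssh_key: str) -> str:
    """Format one zone-file TXT record holding every string, in order."""
    quoted = " ".join(f'"{s}"' for s in txt_strings(openssh_key))
    return f"{domain}. {ttl} IN TXT {quoted}"


def key_from_txt(records: list[list[str]]) -> str:
    """Pick the Aletheia key out of all TXT records found on a domain.

    Each record is the list of strings it carries; they are joined with
    no separator (assumption). Other records, such as SPF, are ignored.
    """
    found = [joined[len(PREFIX):] for joined in ("".join(r) for r in records)
             if joined.startswith(PREFIX)]
    if len(found) != 1:
        # Zero or several candidate keys is ambiguous: refuse to pick one.
        raise ValueError(f"expected exactly one key record, found {len(found)}")
    return found[0]


# Constructed sample: a placeholder of realistic length, not a real key.
SAMPLE_KEY = "ssh-rsa " + "QUxFVEhFSUE0" * 31
SAMPLE_RECORDS = [["v=spf1 -all"], txt_strings(SAMPLE_KEY)]

if __name__ == "__main__":
    print(zone_line("example.com", 3599, SAMPLE_KEY))
    print(key_from_txt(SAMPLE_RECORDS) == SAMPLE_KEY)
```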
Storing Your Key on Your Webserver
As an alternative to DNS, you can also just host your public key on your webserver so long as:
- The file is accessible at /aletheia.pub
- Your site supports SSL
Just get a copy of your public key:
$ aletheia public-key
And put the output of that command into a file called aletheia.pub.
Finally, upload that file to your website. You’ll know you’ve got it right if you can go to https://yourwebsite.com/aletheia.pub and the result is your public key.
Signing Your File(s)
Finally, you’ve got your public key where other people running Aletheia can find it, so now it’s time to sign your files. Have a look at The Command Line API again for more info, but here’s the quick version:
$ aletheia sign /path/to/my/file.jpg my-website.com