Keybase: A Simple and Secure Way to Communicate

Whenever I need to share sensitive information with my team--such as passwords or private keys--I use Keybase for peace of mind.

Keybase: A Simple and Secure Way to Communicate

The top portion of this article is a page from my internal company wiki that I wrote a couple of years ago, hence the slightly different style and tone of the content.

At its root, Keybase makes it easy to exchange public keys with other users.

This leads to many interesting applications:

  • Identity verification on social media (e.g., Github, Twitter, Reddit, etc.)
  • Encrypted chat (read: secure Slack)
  • Encrypted file sharing (read: secure Dropbox)
  • Encrypted git repos (read: secure Github)
  • Simple cryptocurrency exchange
  1. Click the [Install] button at the Keybase website
    1. Follow instructions to download and install on Windows
    2. Choose a username…wisely
    3. Choose a device name
      • Pick something that describes the device
      • The device name will be public
      • One approach is to use the device manufacturer, device type, and 2-digit year of purchase
        • For example:
          • Dell Laptop 19
          • HP Desktop 18
      • Be aware that you cannot re-use a device name
        • If for some reason you need to re-provision a device, append -v# to the name, increasing the version number each time
          • Dell Laptop 19-v2
          • HP Desktop 18-v2
          • HP Desktop 18-v3
          • HP Desktop 18-v4
  2. Follow the instructions to link existing social media accounts
    • Be aware that you can only link a single account per social media site
    • In other words, if you have multiple Twitter accounts, only one can be linked to your Keybase profile (choose wisely)
  3. Click the file icon on the left sidebar of the desktop app and click [Yes, enable] to enable Keybase in Explorer
  1. Install the Keybase app from Google Play
  2. Open the app and click the [Log in] button
    1. Enter username from above
    2. Click on device from above

I am mwolfe02 on Keybase

Here are my current proofs:

I just switched my linked Twitter profile from my personal account (@mwolfe02) to my Access alter ego account (@nolongerset).

I had to explicitly overwrite the original proof.  I wasn't sure what would happen, so I ran the command line interface (CLI) commands to better document the process.  Here's what that looked like:

Having overwritten my original Twitter proof, I can confirm that the link between it and Keybase has been permanently severed.  This is true even though the original social proof tweet remains up on Twitter:

The second link in that tweet now redirects back to the Keybase home page, instead of my Keybase profile.  Here's a look at my full signature chain, showing that I linked to my personal Twitter account in 2019 and then relinked to my NoLongerSet account tonight:

Further Reading

All original code samples by Mike Wolfe are licensed under CC BY 4.0