/dev/schnouki

Archive for March 2010

HOWTO Backup your GnuPG secret key on paper

Paper is a safe way to back up a secret key: you can't hack into it remotely, you can hide it very easily, and you will still be able to use it in 50+ years. No USB stick can do that...

If you want to store your GnuPG secret key on a paper sheet, it is quite simple to do. You can use PaperKey, a small tool that strips all the useless data from a secret key and formats it into a printable result. This is great, but the result can be quite long: printing my 2048-bit secret key would take 3 pages.

But there is a nice way to store more data on a small surface: 2D barcodes, for example in the DataMatrix format, using the great libdmtx library. For small keys, this is really easy:

gpg --export-secret-key KEY_ID | paperkey --output-type raw | dmtxwrite -e 8 -f PDF > secret-key.pdf

If your key is bigger (like my 2048-bit key), you will need to split it into several parts, because the result of the paperkey command will be too big to be encoded in a single DataMatrix. Here is a simple method:

# Generates key-aa, key-ab, ...
gpg --export-secret-key KEY_ID | paperkey --output-type raw | split -b 1500 - key-

# Convert each of them to a PNG image
# (-e 8 selects Base 256 encoding, needed for binary data)
for K in key-*; do
    dmtxwrite -e 8 "$K" > "$K.png"
done

You now have several PNG images that you can print together on a single page.


To restore your key, it's just as simple: scan each DataMatrix into a separate image, decode them with dmtxread, concatenate all the resulting files (cat...), and use paperkey:

cat my-scanned-keys | paperkey --pubring ~/.gnupg/pubring.gpg > secret-key.gpg
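
The restore step only works if every decoded chunk is intact and the chunks are concatenated in the original order. As an added example (not code from the original post), the functions below record a SHA-256 manifest when the key is split and refuse to reassemble chunks that do not match it; `make_chunks`, `join_chunks` and the `MANIFEST` file name are hypothetical, and GNU coreutils `sha256sum` is assumed.

```sh
#!/bin/sh
# Added example (not from the original post); names are hypothetical.
CHUNK=1500   # same chunk size as the split command in the post

# make_chunks RAW OUTDIR: split RAW into OUTDIR/key-aa, key-ab, ... and
# write OUTDIR/MANIFEST: one "sha256  name" line per chunk, then the
# hash of the whole input as "sha256  TOTAL".
make_chunks() {
    raw=$1; out=$2
    mkdir -p "$out" || return 1
    split -b "$CHUNK" "$raw" "$out/key-" || return 1
    ( cd "$out" && sha256sum key-?? > MANIFEST ) || return 1
    printf '%s  TOTAL\n' "$(sha256sum < "$raw" | cut -d' ' -f1)" >> "$out/MANIFEST"
}

# join_chunks DIR DEST: check each decoded chunk in DIR against
# DIR/MANIFEST, concatenate in manifest order, then check the total.
# Nothing is written to DEST if any chunk is missing or corrupted.
join_chunks() {
    dir=$1; dest=$2
    total=$(awk '$2 == "TOTAL" { print $1 }' "$dir/MANIFEST")
    ( cd "$dir" && grep -v ' TOTAL$' MANIFEST | sha256sum -c >/dev/null ) || return 1
    grep -v ' TOTAL$' "$dir/MANIFEST" | while read -r _hash name; do
        cat "$dir/$name"
    done > "$dest"
    [ "$(sha256sum < "$dest" | cut -d' ' -f1)" = "$total" ]
}

# Typical use with the commands from the post (run in a private directory):
#   gpg --export-secret-key KEY_ID | paperkey --output-type raw > raw
#   make_chunks raw out
#   for K in out/key-??; do dmtxwrite -e 8 "$K" > "$K.png"; done
# Restore: save each dmtxread result under its manifest name, then
#   join_chunks out raw.restored
#   paperkey --pubring ~/.gnupg/pubring.gpg < raw.restored > secret-key.gpg
```

Print the MANIFEST lines on the same page as the barcodes so the check is still possible when the paper is all that is left.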

Source: TPK Archival (by David Shaw, creator of PaperKey).

"Piled Higher and Deeper" in France

This morning I read the latest Piled Higher & Deeper about égalité des chances.

Contes de la route: Equal Opportunity

I am one of the few people who do a PhD after a grande école. The part about "Good job €€€€" vs "Crappy job" is quite true -- except that, from what I experienced, these "good jobs" are often boring, non-technical ones: contract managers, directors, etc. The kind of job that takes 50+ hours a week, plus many weekends. Not my cup of tea. And that is just why I decided to do a PhD: it is very interesting and rewarding, and I have enough free time to do what I like to do besides my work.

New blog

After more than two months of silence, I'm back! And, once again, with a brand new blog...

So, why did I change again? Many reasons: Tumblr was annoying (non-free, no control over your data, simplistic template system). Before that, Dotclear required constant attention to make sure it was up-to-date because of security issues (and it would have been even worse with WordPress...). I realized that what I really want is something that generates a static website: plain (X)HTML files are much safer than any dynamic website! However I do not want to do everything by hand, so I need something that generates these static files from some human-readable markup (preferably Markdown). I also need to track everything I do on my data, to back it up easily, and to be able to quickly revert to an older version: I want to use Git on my blog. And since I now use Emacs all day long, I definitely want something that integrates well in Emacs.

Several static blog generators are available:

  • BlazeBlogger: quite nice! Written in bash, Markdown syntax... However, nothing for Emacs, and it uses a kind-of-version-control system that I do not like very much (it adds a lot of files to my git repository and just logs "this post was edited" without being able to revert to a previous version, so what's the point?).
  • nanoblogger: written in bash too. Seems too complex for what I want. Plus, it describes itself as "slow"...
  • Jekyll: close to perfect. It uses the Markdown syntax, has a nice template engine, integrates very well with Git (it's hosted on GitHub, which I like very much, and is even used for GitHub Pages). An Emacs mode is available. It has some very good ideas, like its YAML front matter. But Jekyll is written in Ruby, which is far from being my favorite language, and it lacks some features I like (tags...).

I finally decided to do something much more fun: write my own blog engine in Python. It took me a few days, but now it's done: Golbarg is born!

This brand new engine is written 100% in Python. It uses the Jinja 2 template engine, python-markdown for turning Markdown into HTML, and PyYAML for managing post headers and metadata. golbarg.el is bundled, so every Emacs user can enjoy golbarg-mode. And all of this is of course available under the terms of the GNU GPLv3 license.

Golbarg is hosted on GitHub, as well as this blog. I also made Golbarg available on the Python package index (yes, you can install it with a simple pip install Golbarg!). Except for the comments in the source code, there is very little documentation available... So if you want to give Golbarg a try, look at the source of this blog, it's probably the best way to dive in.

Last few words: the old RSS feed will be available for a few weeks. Be sure to switch to the new feed as soon as possible!