• 0 Posts
  • 6 Comments
Joined 1 year ago
cake
Cake day: June 15th, 2023

help-circle

  • The compromise I’ve landed on is that I host my own DNS mx records, and point them to a paid enterprise mail provider.

    This gets me the advantages of a paid provider while keeping my actual email address fully mine, to take wherever I want.

    I did still have to learn a bunch of DNS rules in order to send all the correct “I’m not an evil spammer” headers and DNS records. But following a one page tutorial worked for me.

    Edit: A disadvantage of my approach is that I’m still at the mercy of my email provider if I want to export my message history, and for the privacy of my message history.


  • Sometimes the obvious solution is the way to go.

    Your idea sounds good to go ahead and publish your pubkey(s) to fully public URL you control and can memorize.

    Then you can stash or memorize the curl command needed to grab it (them) and authorize something to it (them).

    A lot of more complicated solutions are just fancy ways to safely move private keys around.

    For my private keys, I prefer to generate a new one for each use case, and throw them out when I’m done with them. That way I don’t need a solution to move, share or store them.

    Edit: Full disclosure - I do also use Ansible to deploy my public keys.