User Tools

Site Tools


gnupg

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
gnupg [2009/09/02 15:46]
cangiani
gnupg [2009/09/02 15:59]
cangiani
Line 10: Line 10:
   * to encrypt a message for a friend of yours, use his public key   * to encrypt a message for a friend of yours, use his public key
   * to sign a message: use your private key   * to sign a message: use your private key
 +  * you should be sure that you can trust your public keys. The ideal thing is to organize //key exchange parties// with your friends or at least, to ask your friends to confirm that the key you have is valid (e.g. by comparing key fingerprint that you obtain from ''​gpg --list-keys --fingerprint''​ on the phone  ).
 </​note>​ </​note>​
 +
 +Anyway, the very first thing to do is to create your own private/​public key pair:\
 +<​code>​
 +# gpg --gen-key
 +gpg (GnuPG/​MacGPG2) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc.
 +This is free software: you are free to change and redistribute it.
 +There is NO WARRANTY, to the extent permitted by law.
 +
 +Please select what kind of key you want:
 +   (1) RSA and RSA (default)
 +   (2) DSA and Elgamal
 +   (3) DSA (sign only)
 +   (4) RSA (sign only)
 +Your selection? 2
 +DSA keys may be between 1024 and 3072 bits long.
 +What keysize do you want? (2048) ​
 +Requested keysize is 2048 bits   
 +Please specify how long the key should be valid.
 +         0 = key does not expire
 +      <​n> ​ = key expires in n days
 +      <n>w = key expires in n weeks
 +      <n>m = key expires in n months
 +      <n>y = key expires in n years
 +Key is valid for? (0) 3
 +Key expires at Sat Sep  5 16:59:34 2009 CEST
 +Is this correct? (y/N) y
 +                        ​
 +GnuPG needs to construct a user ID to identify your key.
 +
 +Real name: Flash Gordon
 +Email address: flash.gordon@gmail.com ​
 +Comment: this is another test key   
 +You selected this USER-ID:
 +    "Flash Gordon (this is another test key) <​flash.gordon@gmail.com>"​
 +
 +Change (N)ame, (C)omment, (E)mail or (O)kay/​(Q)uit?​ O
 +You need a Passphrase to protect your secret key.    ​
 +
 +We need to generate a lot of random bytes. It is a good idea to perform
 +some other action (type on the keyboard, move the mouse, utilize the
 +disks) during the prime generation; this gives the random number
 +generator a better chance to gain enough entropy.
 +gpg: WARNING: some OpenPGP programs can't handle a DSA key with this digest size
 +We need to generate a lot of random bytes. It is a good idea to perform
 +some other action (type on the keyboard, move the mouse, utilize the
 +disks) during the prime generation; this gives the random number
 +generator a better chance to gain enough entropy.
 +gpg: key 48C7AF6A marked as ultimately trusted
 +public and secret key created and signed.
 +
 +gpg: checking the trustdb
 +gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
 +gpg: depth: 0  valid: ​  ​2 ​ signed: ​  ​0 ​ trust: 0-, 0q, 0n, 0m, 0f, 2u
 +gpg: next trustdb check due at 2009-09-03
 +pub   ​2048D/​48C7AF6A 2009-09-02 [expires: 2009-09-05]
 +      Key fingerprint = 695D 354D E592 8677 50E5  5E62 DF8B 511A 48C7 AF6A
 +uid                  Flash Gordon (this is another test key) <​flash.gordon@gmail.ch>​
 +sub   ​2048g/​E9BEF1D2 2009-09-02 [expires: 2009-09-05]
 +</​code>​
  
 An handy way of sharing your public key is to upload it to a public key server like ''​keys.gnupg.net''​. This allows your friend to easily search and obtain your public key and vice-versa. To upload your public key, first decide which one to upload. Therefore list your keys An handy way of sharing your public key is to upload it to a public key server like ''​keys.gnupg.net''​. This allows your friend to easily search and obtain your public key and vice-versa. To upload your public key, first decide which one to upload. Therefore list your keys
Line 69: Line 129:
 sub   ​2048g/​45397CF2 2009-06-09 [expires: 2019-06-07] sub   ​2048g/​45397CF2 2009-06-09 [expires: 2019-06-07]
 </​code>​ </​code>​
- 
  
 ==== Mac ==== ==== Mac ====
Line 77: Line 136:
 {{ mail:​pgpmailpreferences.png?​64|GnuPG Mail preferences}}Your newly generated key will appear also as default Personal Key in the //Keys// section of the //PGP// tab of Mail preferences. You are now ready for sending encrypted and/or digitally signed messages with //​Mail//​. ​ {{ mail:​pgpmailpreferences.png?​64|GnuPG Mail preferences}}Your newly generated key will appear also as default Personal Key in the //Keys// section of the //PGP// tab of Mail preferences. You are now ready for sending encrypted and/or digitally signed messages with //​Mail//​. ​
  
-PGPMail is well documented in its [[http://​www.sente.ch/​software/​GPGMail/​French.lproj/​GPGMail.html|official website]]. ​+PGPMail is well documented in its [[http://​www.sente.ch/​software/​GPGMail/​French.lproj/​GPGMail.html|official website]]. The interface is very simple and should be easy to understand
  
 ==== Linux ==== ==== Linux ====
gnupg.txt ยท Last modified: 2009/09/02 15:59 by cangiani