Differences

This shows you the differences between two versions of the page.

--- gnupg [2009/09/02 15:46] – cangiani
+++ gnupg [2009/09/02 15:59] – cangiani
@@ Line 10: / Line 10: @@
   * to encrypt a message for a friend of yours, use his public key
   * to sign a message: use your private key
+  * you should be sure that you can trust your public keys. The ideal thing is to organize //key exchange parties// with your friends or at least, to ask your friends to confirm that the key you have is valid (e.g. by comparing key fingerprint that you obtain from ''gpg --list-keys --fingerprint'' on the phone  ).
 </note>
+Anyway, the very first thing to do is to create your own private/public key pair:\
+<code>
+# gpg --gen-key
+gpg (GnuPG/MacGPG2) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc.
+This is free software: you are free to change and redistribute it.
+There is NO WARRANTY, to the extent permitted by law.
+Please select what kind of key you want:
+   (1) RSA and RSA (default)
+   (2) DSA and Elgamal
+   (3) DSA (sign only)
+   (4) RSA (sign only)
+Your selection? 2
+DSA keys may be between 1024 and 3072 bits long.
+What keysize do you want? (2048)
+Requested keysize is 2048 bits
+Please specify how long the key should be valid.
+= key does not expire
+      <n>  = key expires in n days
+      <n>w = key expires in n weeks
+      <n>m = key expires in n months
+      <n>y = key expires in n years
+Key is valid for? (0) 3
+Key expires at Sat Sep  5 16:59:34 2009 CEST
+Is this correct? (y/N) y
+GnuPG needs to construct a user ID to identify your key.
+Real name: Flash Gordon
+Email address: flash.gordon@gmail.com
+Comment: this is another test key
+You selected this USER-ID:
+    "Flash Gordon (this is another test key) <flash.gordon@gmail.com>"
+Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
+You need a Passphrase to protect your secret key.
+We need to generate a lot of random bytes. It is a good idea to perform
+some other action (type on the keyboard, move the mouse, utilize the
+disks) during the prime generation; this gives the random number
+generator a better chance to gain enough entropy.
+gpg: WARNING: some OpenPGP programs can't handle a DSA key with this digest size
+We need to generate a lot of random bytes. It is a good idea to perform
+some other action (type on the keyboard, move the mouse, utilize the
+disks) during the prime generation; this gives the random number
+generator a better chance to gain enough entropy.
+gpg: key 48C7AF6A marked as ultimately trusted
+public and secret key created and signed.
+gpg: checking the trustdb
+gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
+gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
+gpg: next trustdb check due at 2009-09-03
+pub   2048D/48C7AF6A 2009-09-02 [expires: 2009-09-05]
+      Key fingerprint = 695D 354D E592 8677 50E5  5E62 DF8B 511A 48C7 AF6A
+uid                  Flash Gordon (this is another test key) <flash.gordon@gmail.ch>
+sub   2048g/E9BEF1D2 2009-09-02 [expires: 2009-09-05]
+</code>
 An handy way of sharing your public key is to upload it to a public key server like ''keys.gnupg.net''. This allows your friend to easily search and obtain your public key and vice-versa. To upload your public key, first decide which one to upload. Therefore list your keys
@@ Line 69: / Line 129: @@
 sub   2048g/45397CF2 2009-06-09 [expires: 2019-06-07]
 </code>
 ==== Mac ====
@@ Line 77: / Line 136: @@
 {{ mail:pgpmailpreferences.png?64|GnuPG Mail preferences}}Your newly generated key will appear also as default Personal Key in the //Keys// section of the //PGP// tab of Mail preferences. You are now ready for sending encrypted and/or digitally signed messages with //Mail//.
-PGPMail is well documented in its [[http://www.sente.ch/software/GPGMail/French.lproj/GPGMail.html|official website]].
+PGPMail is well documented in its [[http://www.sente.ch/software/GPGMail/French.lproj/GPGMail.html|official website]]. The interface is very simple and should be easy to understand.
 ==== Linux ====