User Tools

Site Tools


gnupg

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
gnupg [2009/09/02 15:47]
cangiani
gnupg [2009/09/02 15:59]
cangiani
Line 10: Line 10:
   * to encrypt a message for a friend of yours, use his public key   * to encrypt a message for a friend of yours, use his public key
   * to sign a message: use your private key   * to sign a message: use your private key
 +  * you should be sure that you can trust your public keys. The ideal thing is to organize //key exchange parties// with your friends or at least, to ask your friends to confirm that the key you have is valid (e.g. by comparing key fingerprint that you obtain from ''​gpg --list-keys --fingerprint''​ on the phone  ).
 </​note>​ </​note>​
 +
 +Anyway, the very first thing to do is to create your own private/​public key pair:\
 +<​code>​
 +# gpg --gen-key
 +gpg (GnuPG/​MacGPG2) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc.
 +This is free software: you are free to change and redistribute it.
 +There is NO WARRANTY, to the extent permitted by law.
 +
 +Please select what kind of key you want:
 +   (1) RSA and RSA (default)
 +   (2) DSA and Elgamal
 +   (3) DSA (sign only)
 +   (4) RSA (sign only)
 +Your selection? 2
 +DSA keys may be between 1024 and 3072 bits long.
 +What keysize do you want? (2048) ​
 +Requested keysize is 2048 bits   
 +Please specify how long the key should be valid.
 +         0 = key does not expire
 +      <​n> ​ = key expires in n days
 +      <n>w = key expires in n weeks
 +      <n>m = key expires in n months
 +      <n>y = key expires in n years
 +Key is valid for? (0) 3
 +Key expires at Sat Sep  5 16:59:34 2009 CEST
 +Is this correct? (y/N) y
 +                        ​
 +GnuPG needs to construct a user ID to identify your key.
 +
 +Real name: Flash Gordon
 +Email address: flash.gordon@gmail.com ​
 +Comment: this is another test key   
 +You selected this USER-ID:
 +    "Flash Gordon (this is another test key) <​flash.gordon@gmail.com>"​
 +
 +Change (N)ame, (C)omment, (E)mail or (O)kay/​(Q)uit?​ O
 +You need a Passphrase to protect your secret key.    ​
 +
 +We need to generate a lot of random bytes. It is a good idea to perform
 +some other action (type on the keyboard, move the mouse, utilize the
 +disks) during the prime generation; this gives the random number
 +generator a better chance to gain enough entropy.
 +gpg: WARNING: some OpenPGP programs can't handle a DSA key with this digest size
 +We need to generate a lot of random bytes. It is a good idea to perform
 +some other action (type on the keyboard, move the mouse, utilize the
 +disks) during the prime generation; this gives the random number
 +generator a better chance to gain enough entropy.
 +gpg: key 48C7AF6A marked as ultimately trusted
 +public and secret key created and signed.
 +
 +gpg: checking the trustdb
 +gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
 +gpg: depth: 0  valid: ​  ​2 ​ signed: ​  ​0 ​ trust: 0-, 0q, 0n, 0m, 0f, 2u
 +gpg: next trustdb check due at 2009-09-03
 +pub   ​2048D/​48C7AF6A 2009-09-02 [expires: 2009-09-05]
 +      Key fingerprint = 695D 354D E592 8677 50E5  5E62 DF8B 511A 48C7 AF6A
 +uid                  Flash Gordon (this is another test key) <​flash.gordon@gmail.ch>​
 +sub   ​2048g/​E9BEF1D2 2009-09-02 [expires: 2009-09-05]
 +</​code>​
  
 An handy way of sharing your public key is to upload it to a public key server like ''​keys.gnupg.net''​. This allows your friend to easily search and obtain your public key and vice-versa. To upload your public key, first decide which one to upload. Therefore list your keys An handy way of sharing your public key is to upload it to a public key server like ''​keys.gnupg.net''​. This allows your friend to easily search and obtain your public key and vice-versa. To upload your public key, first decide which one to upload. Therefore list your keys
gnupg.txt ยท Last modified: 2009/09/02 15:59 by cangiani