GPGKey

Differences between revisions 8 and 10 (spanning 2 versions)
Revision 8 as of 2005-11-28 08:53:05
Size: 3733
Editor: S0106000d88b9f3db
Comment: link to GPGKeyOnUSBDrive
Revision 10 as of 2005-12-31 16:32:01
Size: 4054
Editor: 81-178-246-152
Comment: some small content editing, removed from CategoryCleanup
Deletions are marked like this. Additions are marked like this.
Line 6: Line 6:
 * Then enter a {{{1}}} to create a standard DSA/ElGamal key. Press Enter.  * Then enter a {{{1}}} to create a standard DSA/El``Gamal key. Press Enter.
Line 15: Line 15:
-
Usually a short sentence or phrase that isn't birthdays, names, etc. of people in your family. I will say this to you, because when it comes to pass phrases, they're not easy sometimes... so write it down. Because what you DON'T want to do is forget it!!
  Usually a short sentence or phrase that isn't easy to guess. '''IMPORTANT''' - write it down! Forgetting your passphrase will result in your key being useless.
Line 26: Line 25:

This section explains how to upload your key to a keyserver so that anyone can download it. When you have uploaded it to one keyserver, after a short time, all the keyservers will have it. '''Note:''' Don't submit your key to a keyserver until you are fully comfortable with all the workings of GNUPG. If you later make a mistake, you can't cancel the key from the keyservers.
Line 40: Line 41:
Line 47: Line 49:
Line 58: Line 61:
Line 68: Line 72:
Line 76: Line 81:
Line 85: Line 91:

CategoryDocumentation

Create A GPG Key

GnuPG is a complete and free replacement for PGP.

gpg --gen-key
  • Then enter a 1 to create a standard DSA/ElGamal key. Press Enter.

  • Type in 2048. Press Enter.

  • Type in 0. Press Enter.

  • Enter a y. Press Enter.

  • Type in your Real Name. Press Enter.

  • Type in your REAL email address. Press Enter.

  • Type in your First Name, add a comment if you want. Press Enter.

  • Type O. Press Enter. It will now create your Key.

  • You will have to give it a Pass Phrase

    • Usually a short sentence or phrase that isn't easy to guess. IMPORTANT - write it down! Forgetting your passphrase will result in your key being useless.

Export Your Key

gpg --export -a "User Name" > public.key

Note that the "User Name" is actually your real full name, not the user name you usually use in Ubuntu, and that the quotes should stay in place around your name.

Submit Your Key

This section explains how to upload your key to a keyserver so that anyone can download it. When you have uploaded it to one keyserver, after a short time, all the keyservers will have it. Note: Don't submit your key to a keyserver until you are fully comfortable with all the workings of GNUPG. If you later make a mistake, you can't cancel the key from the keyservers.

Using GnuPG:

gpg --send-keys --keyserver keyserver.ubuntu.com <KEYID>

Using a webbrowser:

  • Copy the content of public.key:

  • Open http://pgp.mit.edu in a browser window.

  • Paste the copied content in the box under the label, Submit a key

  • Click on Submit this key to the keyserver!

Get Your Key Signed

  • Locate someone that lives near you and can meet with you to verify your id. I've used http://www.biglumber.com/

  • Arrange for a meeting. Bring at least one ID with photo and printed fingerprint of your key, ask the same from the person you will be meeting with.
  • Meet, verify your IDs and exchange fingerprints
  • Sign the key of the person you've just met. Send him/her the key you've just signed.
  • Update your keys on the keyserver, the signature you've just created will be uploaded.

Use Your Key in Evolution

  • Go back to http://pgp.mit.edu and type in your name in the Search String box.

  • Highlight and Copy the section of the result page under "User ID" (It should be your name, comment, and email address.)
  • Open Evolution and go to Edit->Preferences.

  • Choose your email account, click on it, and then click Edit.

  • Click on the security tab.

  • In the PGP/GPG Key ID: box, paste the User ID from the web page result.

  • Click OK. Click Close.

If you want to use your key in any new email, simply click on the Security menu item in your new mail message, and then click on PGP Sign ...

Use Your Key in Mozilla Thunderbird

Install the Enigmail plugin either by:

sudo apt-get install mozilla-thunderbird-enigmail

or by downloading the plugin from [http://enigmail.mozdev.org/ here] and install it manually

Configure GPG in Thunderbird under: Enigmail->Preferences and add under GnuPG executable path the following path /usr/bin/gpg

GUI For GPG Key Management

You can install [http://seahorse.sourceforge.net/ Seahorse] to manage your keys via apt:

sudo apt-get install seahorse

Or search Synaptic for seahorse. Note that you can actually do the entire key creation & exporting process in Seahorse, with a wizard to guide you through the creation if you want.

See Also

Resources

Credits: [http://ubuntuforums.org/showthread.php?t=37086&page=1&pp=10&highlight=enigmail kassetra]

CategoryDocumentation

GPGKey (last edited 2008-08-06 16:59:43 by localhost)