User Tools

Site Tools


gnupg

Gnupg

GNUPG HOW-TO

Run the following from a linux based operating system (e.g. debian) and accept the defaults.

Note, it may take some time to generate the random information.

 gpg --gen-key

To see all the keys - yours and your friends etc.:

 gpg --list-keys

Example of above:

 /home/you/.gnupg/pubring.gpg
 ----------------------------
 pub 1024D/32j38dk2 2001-06-20 you <you@your-address.com>
 sub 1024g/289sklj3 2001-06-20 [[expires:|2002-11-14]]
 <br>
 All the public keys you know are stored in the file:
 ~/.gnupg/pubring.gpg
 pub = Public Key
 Public Key ID (UID) = 32j38dk2

To send your key (public) to a person:

 -o is for a file name (steve)
 -a is for an ascii file
 gpg --export -o steve -a UID

To import a key manually from someone:

 gpg --import filename

Upload Public Key to key server:

 gpg --send-keys --keyserver wwwkeys.pgp.net UID

To edit keys - Typically used for signing keys

(cant change name or comment, only password and expiry)
#UID = See example above

 gpg --edit-key UID

To Search for Keys:

(This Will also allow you to download and include the person)

 gpg --search-key --keyserver wwwkeys.pgp.net stephen burke

To Create a gpg fingerprint so you can PRINT out your Key fingerprint: This allows you to take away to a “Key Signing Party” and sign other keys verifying the person's identity using two forms of id.

 gpg --fingerprint

Add User ID

Adding in a User ID:

 gpg --edit-key UID
 uid n      #Toggles selection of user id with index n. Use 0 to deselect all. 
 list
See the * beside the Current User id. After current ID is selected type:
 primary

That should be it. Upload keys with command above.

KeySigning Procedure

See original: http://www.hants.lug.org.uk/cgi-bin/wiki.pl?LinuxHints/KeySigning

 gpg --search-key --keyserver wwwkeys.eu.pgp.net firstname lastname
 #Send a signed and encrypted email, asking for a signed reply. When a signed reply is obtained, then:
 gpg --ask-cert-level --sign-key UID
 gpg --send-key UID

URL's:

Extend GPG Expiry

So my gpg key recently expired and I was wondering why pine was giving out to me saying “no default key available”!

There is a great guide at: http://www.g-loaded.eu/2010/11/01/change-expiration-date-gpg-key/

Some of the main points:
 gpg --list-keys
 gpg --edit-key UID
 {type} key 0
 expire
 #enter new expiry date
 {type} key 1
 #enter new expiry date
 save
 gpg --keyserver pgp.mit.edu --send-keys UID

Fixes

public key decryption failed: Inappropriate ioctl for device

After updates using gpg via pine threw up the error: gpg: public key decryption failed: Inappropriate ioctl for device The solution:

 export GPG_TTY=$(tty)

Kudos to: https://zaplanincan.wordpress.com/tag/decryption-failed/

gnupg.txt · Last modified: 2022/07/23 11:17 by admin