Gnupg

From Wiki

Revision as of 17:26, 23 April 2011 by Admin (Talk | contribs)
(diff) ← Older revision | Current revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Contents

GNUPG HOW-TO

Run the following from a linux based operating system (e.g. debian) and accept the defaults.
Note, it may take some time to generate the random information.

gpg --gen-key

To see all the keys - yours and your friends etc.:

gpg --list-keys

Example of above:

/home/you/.gnupg/pubring.gpg
----------------------------
pub 1024D/32j38dk2 2001-06-20 you <you@your-address.com>
sub 1024g/289sklj3 2001-06-20 [expires: 2002-11-14]

All the public keys you know are stored in the file: ~/.gnupg/pubring.gpg pub = Public Key Public Key ID (UID) = 32j38dk2

To send your key (public) to a person:

-o is for a file name (steve)
-a is for an ascii file
gpg --export -o steve -a UID

To import a key manually from someone:

gpg --import filename

Upload Public Key to key server:

gpg --send-keys --keyserver wwwkeys.pgp.net UID


To edit keys - Typically used for signing keys
(cant change name or comment, only password and expiry)
UID = See example above

gpg --edit-key UID

To Search for Keys:
(This Will also allow you to download and include the person)

gpg --search-key --keyserver wwwkeys.pgp.net stephen burke

To Create a gpg fingerprint so you can PRINT out your Key fingerprint:
This allows you to take away to a "Key Signing Party" and sign other keys verifying the person's identity using two forms of id.

gpg --fingerprint

Add User ID

Adding in a User ID:

gpg --edit-key UID
uid n  //Toggles selection of user id with index n. Use 0 to deselect all. 
list

See the * beside the Current User id. After current ID is selected type:

primary

That should be it. Upload keys with command above.

KeySigning Procedure

See original: http://www.hants.lug.org.uk/cgi-bin/wiki.pl?LinuxHints/KeySigning

gpg --search-key --keyserver wwwkeys.eu.pgp.net firstname lastname
#Send a signed and encrypted email, asking for a signed reply. When a signed reply is obtained, then:
gpg --ask-cert-level --sign-key UID
gpg --send-key UID

URL's:
http://webber.dewinter.com/gnupg_howto/english/GPGMiniHowto.html
http://www.gnome.org/projects/evolution/doc/x1700.html
http://www.nmlug.org/faqs/gen-gpg-key.html

Extend GPG Expiry

So my gpg key recently expired and I was wondering why pine was giving out to me saying "no default key available"!

There is a great guide at: http://www.g-loaded.eu/2010/11/01/change-expiration-date-gpg-key/

Some of the main points:

gpg --list-keys
gpg --edit-key UID
{type} key 0
expire
//enter new expiry date
{type} key 1
//enter new expiry date
save
gpg --keyserver pgp.mit.edu --send-keys UID
Personal tools