| Cooking with UNIX/Linux |
|
| Cooking with UNIX/Linux > Gnu Privacy Guard (GPG) |
Gnu Privacy Guard (GPG)GPG RECIPE by Frederik Dannemare0) See http://articles.linuxguru.net/view/193 for more details on the use of gpg. Also have a look at http://www.dewinter.com/gnupg_howto/. 1) Generate your private/public key pair. gpg --gen-key 2) List all keys currently in your public keyring. gpg --list-keys 3a) Upload your public key to a public key server. gpg --keyserver subkeys.pgp.net --send-keys 0x12345678 3b) You may also export your public key as a text file which may be passed on to other users. gpg --export --armor frederik@dannemare.dk >frda_pubkey.asc 4) When somebody has signed your key and sent it back to you, import the signed key. gpg --import mysignedkey.asc 5a) Import public keys from other users. lynx -source http://www.apache.org/dist/httpd/KEYS | gpg --import gpg --keyserver subkeys.pgp.net --recv-keys 0x2468ABCD 5b) Verify integrity of a key (ensure that the fingerprint is a match). gpg --fingerprint engelschall 5c) Sign an imported public key (for local use only, if you haven't received the fingerprint in a secure way). gpg --lsign-key engelschall 5d) If you have received a person's fingerprint in a secure way (e.g. meet with the person) and verified (ask for passport, driver's license, or some other photo ID) the identity of the person, sign the key with. gpg --sign-key santaclaus 6) Verify integrity of a signed file. gpg --verify mod_ssl-2.8.14-1.3.27.tar.gz.asc mod_ssl-2.8.14-1.3.27.tar.gz 7a) Public keys can be found on a public key server such as: http://www.keyserver.net http://pgpkeys.mit.edu 7b) Or you can search for keys from the command line. gpg --keyserver subkeys.pgp.net --search-keys dannemare 9) Should you ever need it (e.g. if your private/secret key is compromised), generate a revocation certificate. gpg --output revokedkey.asc --gen-revoke 0x12345678
|
| < | TOP | > |