GNU Privacy guard 


GNU Privacy Guard (GPG/PGP) use for encrypting messages by using PKI or asymmetric key .

Asymmetric key mechanism uses public and private key

  • sender side:
public key use to encrypt message to send it.

  • receiver side:
private key use to decrypt encrypted message.

  • Owner of the keys can exchange public key with others , and then they send back encrypted messages again to the owner (message encrypt by public key and decrypt by private key), and as usual private key must be secured well.
  • GPG is CLI program (command line interface) and there are GUI program such as Seahorse .
  • GPG used for encrypt messages ,ASCII files,verification.

  • Using GPG 
Generate public and private key:
by command gpg --gen-key

This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. 

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection?

now hit enter to specify the default 

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)

hit enter again to specify the default

Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n year

you can specify expire date , hit enter to chose key does not expire.

Key does not expire at all
Is this correct? (y/N)

Hit y .

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name:

Now enter you real name and hit enter , And then
Email address:
Now enter your e-mail address
And then hit enter for comment

You selected this USER-ID:
    "example <example@example.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? 

Enter o to continue or (N , C , E ) to change your data

You need a Passphrase to protect your secret key.
Enter passphrase:

if you wan to to use a password for your keys (if you wan to, ,just enter the password and then . if you don't just hit enter).

Repeat passphrase:

repeat the password or hit enter again
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

and GNU start to generate keys , (hit random keys and move mouse to improve generating public and private key ).

let's navigate GPG file
cd ~/.gnupg/
there are two important files
secring.gpg ---> private key
pubring.gpg ---> public key

And now you can exchange your public key (pubring.gpg) with others to send you encrypted messages...

to see your keys use command gpg --list-keys

pub   2048R/55728FBB 2010-11-20
uid                  example <example@example.com>
sub   2048R/5A5F62F0 2010-11-20

55728FBB ID of public key ,ID is a unique and use to specify the recipient or the owner of private key that match public key.

No comments:

Post a Comment