GNU pgp
Here are some notes on GNU pgp from my recent experience setting up a secure way to share a password file with multiple users.
For those who want to send me encrypted data, here’s my public key ID: F7C6134C
Creating your key:
# gpg --gen-key
Now set that key to be your default key:
# vim ~/.gnupg/gpg.conf
add this line:
default-key <YOUR KEY ID>
Now publish your key for others to use:
# gpg --send-keys --keyserver keyserver.ubuntu.com <YOUR KEY ID>
If you want to download someone else’s key to use:
# gpg --recv-keys --keyserver keyserver.ubuntu.com <THEIR KEY ID>
To sign someone else’s key:
# gpg --sign-key <THEIR KEY ID>
and re-publish it so they can get your signature on it:
# gpg --send-keys --keyserver keyserver.ubuntu.com <THEIR KEY ID>
Don’t forget to --recv-keys after someone has signed your key – use your own key ID.
To encrypt and sign a file:
# gpg -esr <THEIR KEY> --out <ENCRYPTED FILE>.gpg <ORIGINAL FILE>
To view the contents of an encrypted file:
# gpg -d <ENCRYPTED FILE>
This will prompt for your key password and also show you the person who signed the file.
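The commands above encrypt to a single recipient. Since the goal was a password file shared with multiple users, this added example (not part of the original notes) generalises the encrypt, sign and decrypt steps to several recipients inside a throwaway keyring. It assumes GnuPG 2.1 or later; the three example.test identities, the function name share_demo and the file contents are constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the original notes. Names, addresses and the sample
# "password file" are constructed; the keyring is a throwaway temp directory.

share_demo() (   # body runs in a subshell, so GNUPGHOME never leaks to the caller
    command -v gpg >/dev/null 2>&1 || { echo "gpg not found" >&2; exit 2; }
    GNUPGHOME=$(mktemp -d) || exit 1    # mktemp -d creates it mode 0700, as gpg expects
    work=$(mktemp -d) || exit 1
    export GNUPGHOME
    trap 'gpgconf --kill gpg-agent >/dev/null 2>&1; rm -rf "$GNUPGHOME" "$work"' EXIT

    # Unattended key generation. The empty passphrase is for this disposable
    # keyring only; real keys should be passphrase-protected.
    for user in alice bob carol; do
        gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
            --quick-gen-key "$user@example.test" default default never \
            2>/dev/null || exit 1
    done

    printf 'db-admin: constructed-sample-secret\n' > "$work/passwords.txt"

    # alice signs (-u picks the signing key) and encrypts with one -r per reader.
    # She lists herself too, otherwise she could not reopen her own file.
    gpg --batch --quiet --yes -u alice@example.test \
        -r alice@example.test -r bob@example.test -r carol@example.test \
        --output "$work/passwords.txt.gpg" -es "$work/passwords.txt" || exit 1

    # Decrypt; --status-fd gives machine-readable lines to check instead of
    # parsing the human-oriented messages on stderr.
    gpg --batch --quiet --status-fd 3 --output "$work/out.txt" \
        -d "$work/passwords.txt.gpg" 3>"$work/status" 2>/dev/null || exit 1

    cmp -s "$work/passwords.txt" "$work/out.txt" || exit 1      # round trip intact
    grep -q '^\[GNUPG:\] GOODSIG ' "$work/status" || exit 1     # signature verified
    grep -c '^\[GNUPG:\] ENC_TO ' "$work/status"                # one line per recipient
)

if [ "${1:-}" = run ]; then share_demo; fi
```

Saved as a script and started with the argument `run`, it prints the number of recipients the file was encrypted to.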
To export your private key:
# gpg --export-secret-key <KEY ID> > private.key
To import a private key:
# gpg --allow-secret-key-import --import private.key
NOTE: Exporting and importing private keys does not make them usable without the password. You’re safe to export your private key and store it publicly; no one can use it without the password, so its protection then rests entirely on the strength of that password.