Thursday, September 17, 2009

PGP, GPG How To

I needed to generate a PGP key today so that some other folks could share confidential information with me. Though I know the concepts behind PGP, I have never had to generate PGP keys before. Here is how I did it using GPG (GNU Privacy Guard).

It is interesting that GNU folks come up with interesting monikers like this .. PGP and GPG!!

1. Generate PGP key


ajain@ubuntu:~$ gpg --gen-key
gpg (GnuPG) 1.4.6; Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Amitabh Jain
Email address: amitabhj@gmail.com
Comment: Amitabh's PGP key
You selected this USER-ID:
"Amitabh Jain (Amitabh's PGP key) <amitabhj@gmail.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

gpg: gpg-agent is not available in this session
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++.++++++++++.++++++++++++++++++++++++++++++..+++++++++++++++.++++++++++++++++++++++++++++++.++++++++++++++++++++..++++++++++...+++++>++++++++++......................................<.+++++.............>+++++........................<+++++..........................>+++++.............<+++++>.+++++.......+++++

Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 265 more bytes)
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++.+++++.+++++.++++++++++++++++++++g+++++++++++++++++++++++++.+++++++++++++++....+++++.+++++++++++++++.+++++.++++++++++++++++++++.+++++++++++++++..+++++>...+++++... .+++++..t.o. ..g..e..n..e.r..>..+++++...................a............<+++++..>.+++++.t..e.>+++++.<+++++.. ...................+++++^go^od ^^
gpg: key F9A8255C marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
pub 1024D/F9A8255C 2009-09-17
Key fingerprint = 90EA 5A35 6C35 992D 2532 BCDD D85E 71D1 F9A8 255C
uid Amitabh Jain (Amitabh's PGP key) <amitabhj@gmail.com>
sub 2048g/9D5318A2 2009-09-17



2. List PGP keys

ajain@ubuntu:~$ gpg --list-keys
/home/ajain/.gnupg/pubring.gpg
------------------------------
pub 1024D/F9A8255C 2009-09-17
uid Amitabh Jain (Amitabh's PGP key) <amitabhj@gmail.com>
sub 2048g/9D5318A2 2009-09-17


3. Export PGP public key to text file (so you can share it with others)


ajain@ubuntu:~/temp$ gpg --armor --export amitabhj@gmail.com >aj_pgp_pub.txt


4. Export private key, so you can back it up in a secure place (in case your computer crashes), or if you need to use it on another computer


ajain@ubuntu:~/temp$ gpg --export-secret-keys amitabhj@gmail.com >aj_pgp_private.txt

(copy the file over to new machine)

ajain@ubuntu2:~/temp$ gpg --import aj_pgp_private.txt
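
Added example, not part of the original post: shell helpers for step 4 that confirm the key imported on the new machine is the one that was exported, by comparing primary-key fingerprints from gpg's --with-colons listings. The function names and the old.colons / new.colons file names are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original post). Function and file names are
# assumptions chosen for illustration.

# Read `gpg --with-colons` output on stdin and print primary-key fingerprints.
# An "fpr" record follows each key record and holds the fingerprint in
# field 10. Fingerprints that follow a subkey ("sub"/"ssb") are skipped.
primary_fprs() {
    awk -F: '
        $1 == "pub" || $1 == "sec" { primary = 1; next }
        $1 == "sub" || $1 == "ssb" { primary = 0; next }
        $1 == "fpr" && primary     { print toupper($10); primary = 0 }
    ' | sort -u
}

# Machine-readable listing of the secret keys matching $1 (user ID or email).
# Run it once on each machine and save the output to a file.
list_secret_colons() {
    gpg --with-colons --fingerprint --list-secret-keys "$1"
}

# Compare two saved listings. Succeeds only if both contain at least one key
# and their sets of primary fingerprints are identical.
same_keys() {
    a=$(primary_fprs < "$1")
    b=$(primary_fprs < "$2")
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Same export as step 4, but inside a subshell with umask 077 so the backup
# file is created readable by its owner only. $1 = user ID, $2 = output file.
export_secret() {
    ( umask 077 && gpg --export-secret-keys "$1" > "$2" )
}

# Typical use (file names are placeholders):
#   old machine:  list_secret_colons amitabhj@gmail.com > old.colons
#   new machine:  list_secret_colons amitabhj@gmail.com > new.colons
#                 (after running gpg --import)
#   either one:   same_keys old.colons new.colons && echo "fingerprints match"
```

A failed comparison, or a listing with no secret key in it, makes same_keys return non-zero, so it can gate deletion of the transferred file.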

