This will give you a reasonable assurance that you both are using the same public key information. Luckily, instead of verifying the entire public keys of both parties, you can simply compare the fingerprint derived from these keys. If you never want to communicate over insecure channels, verification of the public key could be problematic. You may not know the other party personally, or you may be separated by physical distance. This should be a pretty secure way of identifying that you are receiving the correct, legitimate key.īut there are many other circumstances where such personal contact is not possible. You may be sitting right next to the person with your laptops both open and exchanging keys. How do you know that the person giving you the public key is who they say they are? In some cases, this may be simple. While you can freely distribute your generated public key file and people can use this to contact you in an encrypted way, there is still an issue of trust in the initial public key transmission. Upload Your Public Key $ gpg -send-keys -keyserver hkp:// List the keys with gpg -list-keys command, and delete keys with gpg -delete-key command.Įxport Your Public Key $ gpg -armor -output public-key.txt -export Įxport Your Private Key $ gpg -armor -output private-key.txt -export-secret-keys This revocation key must be generated ahead of time and kept in a secure, separate location in case your computer is compromised or inoperable.
This should be done as soon as you make the key pair, not when you need it. There is an easy way of doing this with the GPG software. You need to have a way of invalidating your key pair in case there is a security breach, or in case you lose your secret key. Enter passphrase: Enter a secure passphrase here (upper & lower case, digits, symbols).Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O.Comment: Optional comment that will be visible in your signature.Please select what kind of key you want: (1) RSA and RSA (default).This will take you through a few questions that will configure your keys. Install on OS X via Homebrew $ brew install gnupgĪfter install, get help information to run gpg -help command. Install via system package control # Debian / Ubuntu We can use GPG to Encrypt and Sign messages. GnuPG is part of the GNU project, and has received major funding from the German government. Modern versions of PGP and Veridis' Filecrypt are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is compliant with RFC 4880, which is the IETF standards track specification of OpenPGP. GNU Privacy Guard (GnuPG or GPG) is a free software replacement for Symantec's PGP cryptographic software suite.
0 kommentar(er)
