Gnu Privacy Guard (GPG) is the only tool you'll need for PGP on linux. You should be able to find it easily enough in whatever repo you're using.
GPG will create files by default in your home directory and ~/.gnupg/
Then you'll want to issue one of the following (possibly with options and filenames!):
gpg --generate-key
gpg --import-keys
Generate-keys will ask you a bunch of questions, all self-explanatory. The comment can be anything - a popular use is to put your Web site URL in here. After a bit of huffing and puffing, you should now have yourself a GPG identity with a public and private key pair either imported or just generated a second ago. Quickly verify you have at least one key pair available by issuing:
gpg --list-keys
gpg --list-secret-keys
It should spit back something similar to the below for each:
pub rsa3072 2019-03-27 [SC] [expires: 2021-07-26]
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
uid [ultimate] Chris Manning (https://linuxdoctorafcb.blogspot.com) <linuxdoctorafcb@gmail.com>
sub rsa3072 2019-03-27 [E]
The xxxxx's (the fingerprint) should be identical on both keys.
The first line tells us if it's a PUBlic or SECret key, the key type and length in bits (RSA, DSA), date created and expiry date (if one has been set).
Next is the fingerprint - a hash of the key.
Next line is the unique UserID made up of your name, email address and comment.
The final line tells us there is a subkey, and it can be used for [E]ncryption.
gpg --export-key -a "User Name" > public.key
This will create a file called public.key with the ascii representation
of the public key for User Name.
gpg --export-secret-key -a "User Name" > private.key
This will create a file called private.key with the ascii
representation of the private key for User Name.
To just sign and not encrypt a message (ie to leave it as a plaintext, fully readable message but just verified 100% as you - all PGP signed) then use this:
gpg --clearsign filename.txt
This
adds an encoded copy of the message at the bottom. All the recipient
has to do is see if the encoded copy matches the content of the message,
if it does, it must be from ME!
No comments:
Post a Comment