By: Sean Mancini
December 29, 2017
What is PGP and How is it Used?
By: Sean Mancini
December 29, 2017
Linux command line methodgpg –gen-key << This will tell PGP to generate a keygpg (GnuPG) 1.4.20; Copyright (C) 2015 Free Software Foundation, Inc.This is free software: you are free to change and redistribute it.There is NO WARRANTY, to the extent permitted by law.gpg: directory `/home/sean/.gnupg’ createdgpg: new configuration file `/home/sean/.gnupg/gpg.conf’ createdgpg: WARNING: options in `/home/sean/.gnupg/gpg.conf’ are not yet active during this rungpg: keyring `/home/sean/.gnupg/secring.gpg’ createdgpg: keyring `/home/sean/.gnupg/pubring.gpg’ createdIn this step, PGP will ask you what algorithm you want to use to create the ket RSA is the default and a good choicePlease select what kind of key you want:(1) RSA and RSA (default)(2) DSA and Elgamal(3) DSA (sign only)(4) RSA (sign only)Your selection? 1As I said above PGP supports up to 4096-bit encryption make sure to check the laws in your country on encryptionRSA keys may be between 1024 and 4096 bits long.What keys do you want? (2048)Requested keysize is 2048 bits You can set a key expiry belowPlease specify how long the key should be valid.
0 = key does not expire<n> = key expires in n days<n>w = key expires in n weeks<n>m = key expires in n months<n>y = key expires in n yearsKey is valid for? (0)Key does not expire at allIs this correct? (y/N) yYou need a user ID to identify your key; the software constructs the user IDfrom the Real Name, Comment and Email Address in this form:“Heinrich Heine (Der Dichter) <email@example.com>” Enter your personal details below along with a strong passphrase
Real name: bob smithEmail address: firstname.lastname@example.orgComment: 123You selected this USER-ID:“bob smith (123) <email@example.com>”Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? oYou need a Passphrase to protect your secret key.We need to generate a lot of random bytes. It is a good idea to performsome other action (type on the keyboard, move the mouse, utilize thedisks) during the prime generation; this gives the random numbergenerator a better chance to gain enough entropy.Not enough random bytes available. Please do some other work to givethe OS a chance to collect more entropy! (Need 136 more bytes)Now the last step can be a bit tricky if you are not doing this on a desktop computer or you are doing this on a virtual machine I recently posted about entropy and the issues that virtual machine have with not enough randomness the above is an example of that. This PC is a virtual machine and when I am generating a large key there is not enough entropy so you may need to run some commands and move the mouse and keyboard etc to generate the randomness.After this step is complete you will receive your keyID something like this ED87xxxxxonce that is done you can upload your newly generated key to the Ubuntu servers as followsgpg –keyserver keyserver.ubuntu.com –send-keys ED87xxxxx You will need to create a launchpad account on ubuntu to see your profile and confirm your key. You will receive an encrypted email from launchpad you will need to decrypt it and follow a link that is sent to you.If you want to decrypt a message you can copy and paste the message into a file and use gpg –decrypt message.txt.gpg to decrypt the message as your private key is stored locally the computer will have what it needs to decrypt it.