

Game Observatory: GNU Privacy Guard

This is a guide for the GPG command line application that is available on Linux systems. It aims to provide all the necessary information for basic use of GPG. I am not an expert on GPG, PGP or encryption in general, so there is a possibility of incorrect information appearing here.

While for most situations there are other applications which are more user friendly and sometimes better than GPG, it still makes sense to use it in case:

Two people want to share data without the need for both of them to be online at the same time.
Signing files, so that people know they come from you and have not been tampered with.

Even for these cases there are alternatives to GPG, but it is up to you if you trust them over the older and more widely adopted GPG.

Pretty much all operations with gpg should be done under your user account (i.e. If you can’t generate a new key pair, check your permissions (see Viewing keys on disk).

A public key that is shared with others so they can encrypt data before sending it to you and verify your signature.
And a secret (also called private) key that only you have and you use it to decrypt the data and create file signatures.

Select the default RSA and RSA option.
Pick the largest one, you should not notice a difference in performance.
For encrypting you may want to have an expiration date. For signing it is fine to never expire.
Type in a name associated with the keys.
If the resulting user ID is correct, continue with o.

The password is not part of the keys; it is used to encrypt the secret key for safe storage on your computer. Don’t forget it of course or you won’t be able to use your secret key anymore.

You should help it by moving mouse around, typing in another window etc.

You can view your secret and public keys separately using the commands:

The first three-letter word is the type of key, these are:

Pub – public (primary) key, there can be more than one
Sub – public subkey, there can be more than one
Uid – marks user ID associated with primary key, there can be more than one.

The two keys have different uses, marked with the letters in square brackets at the end:

C – certify (sign another key to make it trusted)

So your primary key is used for signing and the subkey is used for decrypting. There are some advantages to having them separate, mainly when it comes to revoking a key so others stop using it. There is not much of a reason to revoke the signing key, but you might want to revoke the decrypting subkey to protect the encrypted data and create a new subkey.

The 40 character long string is the fingerprint of your primary secret key. The subkey has its own; it is just not shown by default. You can display it by calling --list-keys with the --with-subkey-fingerprint parameter. There is also a creation date and an expiration date, if any. Since you created this key, you trust it ultimately. There is a whole system using a trust database trying to solve the problem of “Does this key really belong to the person it says or is someone trying to impersonate them?” but for the purpose of sharing data between a few friends it can be safely ignored in my opinion.

You will find there the primary public key which matches your secret key fingerprint and it also has its own public subkey. In the public list there will also be the public keys of other people that you imported.

Anyone who has access to the revocation file can revoke your public key, so keep the files safe (or delete them; they can be generated again as long as you have the secret key). gnupg directory should be owned by you, the user account.
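The key types, usage letters and per-key fingerprints described in this guide can also be read from GnuPG's machine-readable listing (`--with-colons`). The script below is an added example, not part of the original guide: the sample listing, key IDs and fingerprints are constructed, `summarise_keys` is a hypothetical helper name, and the field positions follow GnuPG's doc/DETAILS.

```shell
#!/bin/sh
# Added example. Summarise pub/sub records from colon-format key listings.
# On a real keyring the input would come from:
#   gpg --list-keys --with-colons --with-subkey-fingerprint
# SAMPLE is constructed (fake key IDs and fingerprints) so this runs offline.
SAMPLE='tru::1:1700000000:0:3:1:5
pub:u:4096:1:89ABCDEF01234567:1700000000:::u:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:u::::1700000000::::Alice Example <alice@example.org>:
sub:u:4096:1:76543210FEDCBA98:1700000000:1731536000:::::e:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:'

summarise_keys() {
    # stdin: colon-format records
    # stdout: one line per key, type|usage|expires|fingerprint
    #   field 1  = record type (pub, sub, uid, fpr, ...)
    #   field 7  = expiration (seconds since epoch, empty = never)
    #   field 10 = fingerprint (on fpr records)
    #   field 12 = capabilities; lowercase letters belong to this key itself
    awk -F: '
        function usage(c,   out) {
            out = ""
            if (c ~ /s/) out = out "S"   # sign
            if (c ~ /e/) out = out "E"   # encrypt
            if (c ~ /c/) out = out "C"   # certify
            if (c ~ /a/) out = out "A"   # authenticate
            return out
        }
        $1 == "pub" || $1 == "sub" {
            type = $1
            cap = usage($12)
            expiry = ($7 == "" ? "never" : $7)
            pending = 1
            next
        }
        # The fpr record that follows a key record carries its fingerprint.
        $1 == "fpr" && pending {
            print type "|" cap "|" expiry "|" $10
            pending = 0
        }
    '
}

printf '%s\n' "$SAMPLE" | summarise_keys
```

For the constructed sample, the primary key is reported with usage SC and no expiry, and the subkey with usage E, an expiry timestamp and its own fingerprint.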
