GPG Keys -- The Fast Method
From UMaine Supercomputer
Contents |
Generate a Key
The commands you will type are after (prompt).
(prompt) gpg --gen-key
This will generate a lot of text and ask you some questions. A quick summary of your responses is:
- Select (1) DSA and Elgamal (default)
- Select 0 = key does not expire
- Enter your real name and email address
- Enter a strong passphrase. The best passphrase you've ever thought of in your life. One that is not used elsewhere.
Check your Key
- Check to see if the key was created:
(prompt) gpg --list-keys
The output should look something like this, except that the key number '1A4DAE57' will be something different. Keep track of this key number. Of course the date will be different and your name will be in place of Cluster User.
... pub 1024D/1A4DAE57 2006-07-03 uid Cluster User <cluster_user@umit.maine.edu> sub 2048g/9C9BA43E 2006-07-03
Export Your Key
Now type the following command with '1A4DAE57' changed to what you saw in the last command.
(prompt) gpg --armor --output public_key --export 1A4DAE57
- This will create a file named public_key. Send this to us by email.
- 1A4DAE57 comes from the above output of --list-keys
Now e-mail us this key (as in-body ascii text) and we will email you a file containing your password.
Decrypting an Email Attachment
Once you get the email from us, save the attached file to disk and type the following, replacing <filename-from-us> with your file name.
(prompt) gpg --output <new-filename> --decrypt <filename-from-us>
- filename-from-us is an encrypted attachment you received from us.
- new-filename will be the decrypted output file it can be named anything.
- This command will require you to type in the passphrase you chose when you generated your key.
Final Steps
- BACKUP the .gnupg/ directory and keep it in a very safe place.
- When you get a chance, read the longer document. GPG keys
