Thursday, August 27, 2009

[updated] GnuPG: PGP under Linux

Install the gnupg:

#---
yum - y install \
gnupg2
#---


To generate a key:

#---
gpg2 --gen-key
#---


To export the public key:

#---
gpg2 -a -o pubkey.asc --export <your email>
#---


To export your private key (for backup purposes only, NOT recommended):

#---
gpg2 -a -o privkey.asc --export-secret-keys <your email>
#---


To import a public key:

#---
gpg2 --import <pubkey file>
#---


To sign a key:

#---
gpg2 --sign-key <key email address>
#---


To encrypt a file, in ASCII mode:

#---
gpg2 -a -o <output file>.asc -r <your email> [-r <recipient's email>] -e <file to encrypt>
#---


To decrypt a file:

#---
gpg2 -o <output file> -d <input file>
#---


If you don't like command line you can try two GUIs:

#---
yum -y install \
kdeutils \
gpa
#---


NOTE: KDEUtils comes with KGpg which is the best among the two.

[update]

A reader (see his comment below) drove my attention a missing point: "how to import secret keys to GnuPG?" the answer is: use the old GnuPG for it:

#---
yum -y install \
gnupg
#---


To import secret keys:

#---
gpg --import <key file>
#---


Sorry, about the "hackerish" part, but it works.

3 comments:

STRSHR said...

Any clue how to import a private key on up2date Fedora 11?
[strshr@T-34 ~]$ gpg2 --import secring.skr
gpg: importing secret keys not allowed
gpg: Total number processed: 1
gpg: secret keys read: 1
[strshr@T-34 ~]$
Selinux is disabled, I've read somewhere that the included by default selinux patch for gnupg prevents the user from importing private keys.

Gustavo said...

Yeah, that is kind of tricky, because GnuPG guy are getting really paranoid. The answer to your question is: use the same command WITHOUT the "2":

#---
gpg --import secring.skr
#---

That is the easiest way I found to over come this problem.

STRSHR said...

Thanks a lot, Gustavo, that did the job! Cheers! ;)