Although we have seen examples of how to install gpg
for Windows and integrate with Outlook, this class lab is designed to get gpg
working in Linux with the Evolution email client.
Generate a Key for signing only
# gpg --gen-key
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
What keysize do you want? (4096)
Please specify how long the key should be valid.
0 = key does not expire
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
Real name: John Smith
Email address: jsmith@classlab.edu
Comment:
You selected this USER-ID: "John Smith <jsmith@classlab.edu>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.
List Keys on keyring
# gpg --list-key
Add a SubKey for encryption
# gpg --edit-key 'John Smith'
Command> addkey
Key is protected.
You need a passphrase to unlock the secret key for <jsmith@classlab.edu>
Please select what kind of key you want:
(2) DSA (sign only)
(4) Elgamal (encrypt only)
(5) RSA (sign only)
(6) RSA (encrypt only)
Your selection? 6
What keysize do you want? (4096)
Please specify how long the key should be valid.
0 = key does not expire
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
Really create? (y/N) y
Command> save
List Keys on keyring
# gpg --list-key
Create a test file using vi
with some example text and save as file1.txt
Encrypt using symmetric cipher, separate from the keys you just created.
# gpg -c file1.txt
Enter passphrase: (just enter hello as the passphrase)
Repeat passphrase:
# ls
# more file1.txt
# more file1.txt.gpg
Delete file1.txt and decrypt file1.txt.gpg
# gpg file1.txt.gpg
Enter passphrase:
Create a signature file using the encryption key you created.
# gpg --clearsign file1.txt
Enter passphrase:
# ls
# more file1.txt.asc
Encrypt a file using the key you created.(binary format)
# gpg -e -r 'John Smith' file1.txt
Decrypt the file
# gpg -d file1.txt.gpg
Enter passphrase:
Encrypt a file in ascii format
# gpg -e -r 'John Smith' -a file1.txt
# ls
# more file1.txt.asc
Decrypt the ascii formatted file
# gpg -d file1.txt.asc
Enter passphrase:
Export your public key to send to other people
# gpg -a --export 'John Smith'
# gpg -a --export 'John Smith' > jsmith.key
Import the public key you received from another user
# gpg --import jane.key
# gpg --list-key
Encrypt a file using Jane’s public key and email the file to her to decrypt
# gpg -e -r 'Jane' -a file1.txt
Now . . . email file1.txt.asc to Jane to decrypt
Encrypt the file for multiple recipients. It makes sense to include yourself as well.
# gpg -e -r 'John Smith' -r 'Jane' -a file1.txt
Delete the Jane key from your keyring
# gpg --delete-key 'Jane'
# gpg --list-key