Labs, Security

GPG Lab

Leave a comment

Although we have seen examples of how to install gpg for Windows and integrate with Outlook, this class lab is designed to get gpg working in Linux with the Evolution email client.

Generate a Key for signing only


# gpg --gen-key
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
What keysize do you want? (4096)
Please specify how long the key should be valid.
0 = key does not expire
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
Real name: John Smith
Email address: jsmith@classlab.edu
Comment:
You selected this USER-ID: "John Smith <jsmith@classlab.edu>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

List Keys on keyring


# gpg --list-key

Add a SubKey for encryption


# gpg --edit-key 'John Smith'
Command> addkey
Key is protected.
You need a passphrase to unlock the secret key for <jsmith@classlab.edu>
Please select what kind of key you want:
(2) DSA (sign only)
(4) Elgamal (encrypt only)
(5) RSA (sign only)
(6) RSA (encrypt only)
Your selection? 6
What keysize do you want? (4096)

Please specify how long the key should be valid.
0 = key does not expire
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
Really create? (y/N) y

Command> save

List Keys on keyring

# gpg --list-key

Create a test file using vi with some example text and save as file1.txt

Encrypt using symmetric cipher, separate from the keys you just created.


# gpg -c file1.txt

Enter passphrase: (just enter hello as the passphrase)
Repeat passphrase:

# ls
# more file1.txt
# more file1.txt.gpg

Delete file1.txt and decrypt file1.txt.gpg


# gpg file1.txt.gpg
Enter passphrase:

Create a signature file using the encryption key you created.


# gpg --clearsign file1.txt
Enter passphrase:

# ls
# more file1.txt.asc

Encrypt a file using the key you created.(binary format)


# gpg -e -r 'John Smith' file1.txt

Decrypt the file


# gpg -d file1.txt.gpg
Enter passphrase:

Encrypt a file in ascii format


# gpg -e -r 'John Smith' -a file1.txt

# ls
# more file1.txt.asc

Decrypt the ascii formatted file


# gpg -d file1.txt.asc
Enter passphrase:

Export your public key to send to other people


# gpg -a --export 'John Smith'
# gpg -a --export 'John Smith' > jsmith.key

Import the public key you received from another user


# gpg --import jane.key
# gpg --list-key

Encrypt a file using Jane’s public key and email the file to her to decrypt


# gpg -e -r 'Jane' -a file1.txt

Now . . . email file1.txt.asc to Jane to decrypt

Encrypt the file for multiple recipients. It makes sense to include yourself as well.


# gpg -e -r 'John Smith' -r 'Jane' -a file1.txt

Delete the Jane key from your keyring


# gpg --delete-key 'Jane'
# gpg --list-key

In the evolution email client, select Edit -> Preferences and select your email account and click Edit. Select the Security tab, enter your gpg key id and select any options you would prefer to use.

e1

To email a signed or encrypted message in evolution, select the Security drop-down menu and choose PGP sign or encrypt as shown below.

e2

Make sure you exchange keys with your lab partner and verify that the emails you send can be encrypted and decrypted using the correct gpg keys.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s