PGP ( Pretty Good Privacy )
|
|
| PGP2 - PGP5 - GnuPG
|
- PGP2
- PGP5
- keys are generated with DSS/DH (Digital Signature Standard/Diffie-Hellman)
- data is encrypted with the CAST, Triple-DES, or IDEA algorithms
- PGP is free for personal use
- PGP is NOT free for commercial use
- ~/.pgp/pgp.cfg == pgp config
- ~/.pgp/pubring.pkr == public key ring
- ~/.pgp/priring.skr == private key ring
- ~/.gnupg/options
- ~/.gnupg/gpg.conf
- GnuPG ... GnuPG.org
- en.wikipedia.org/wiki/GNU_Privacy_Guard Wikipedia.org
- GnuPG does not have and does not use any patented software
- GnuPG is "open source"
- OpenPGP ... OpenPGP.org
|
| PGP RFCs
|
IETF RFC1847 - Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted
IETF RFC1848 - MIME Object Security Services
IETF RFC1991 - PGP Message Exchange Formats ( obsolete )
IETF RFC2015 - MIME Security with Pretty Good Privacy (PGP)
IETF RFC2440 - OpenPGP Message Format ( obsolete )
IETF RFC4880 - OpenPGP Message Format
|
| PGP - GnuPG keys
|
gnupg.org Manual
Apache.org OpenPGP
FedoraProject.org PGP Howto
Gentoo.org gnuPG User Guide
Ubuntu.com GnuPG Howto
UbuntuForums.org Installing GnuPG2
dewinter.com
arc.apotheon.org GnuPG Quickstart/Howto
queen.clara.net Beginners Guide to GnuPG
IndyMedia.org Keyserver Howto
- Create your public and private key
- gpg2 --gen-key
- gpg2 --fingerprint
- Export/Register your public key
- --armor exports in ascii format ( aka ascii-armor ) instead of binary file
- gpg2 --export uid
- gpg2 --armor --output YourPublicKey.asc --export you@your-domain.com
- Include a header in your emails
- X-PGP-Key: http://your-domain.com/your.public.key.asc
- use contact info in your webpages, http://your-domain.com/keyring
- use public key server
- gpg2 --keyserver hkp://subkeys.pgp.net --send-keys MyKeyID
- gpg2 --keyserver subkeys.pgp.net --keyserver-options honor-http-proxy --send-key MyKeyID
- gpg2 --keyserver=x-hkp://pgp.mit.edu -a --send-keys MyKeyID
- gpg2 --keyserver nyfss.org --send-key MyKeyID
- use finger
- Importing their public key
- GnuPG will not import keys which are not self-signed
- gpg2 --import their.public.key.txt
- gpg2 --allow-secret-key-import --import their.public.key.txt
- use public key server
- gpg2 --keyserver hkp://subkeys.pgp.net --recv-keys TheirKeyID
- gpg2 --keyserver subkeys.pgp.net --keyserver-options honor-http-proxy --search-keys their-email@TheirDomain.com
- gpg2 --keyserver nyfss.org --recv-key TheirKeyID
- Other Useful Public Keys Commands
- gpg2 --edit-key TheirKeyID == edit a key already in your keyring ( sign it, set its trust )
- gpg2 --list-keys
- gpg2 --list-sigs
- gpg2 --fingerprint
- gpg2 --refresh-keys
- gpg2 --delete-key
- Key Servers
|
| Encrypting - Decrypting
|
dewinter.com
arc.apotheon.org GnuPG Quickstart/Howto
queen.clara.net Beginners Guide to GnuPG
kmail.kde.org Kmail + PGP howto
CodeSorcery.net Mutt + GnuPG Howto
nctu.edu.tw GnuPG for Daily Use
- Encrypting files
- gpg2 --encrypt --armor sample.txt
- gpg2 --armor --encrypt -r TheirKeyID sample.txt
- gpg2 -e -a -r RecipientPublicKeyID file.txt
- gpg2 --encrypt -r RecipientPublicKeyID filename.txt
- gpg2 --encrypt --recipient RecipientPublicKeyID [ -r other_recipients ] filename.txt
- Encrypting and signing files
- gpg2 --encrypt --sign -r RecipientPublicKeyID [ -r other_recipients ] filename.txt
- Decrypting files
- if the exported keyfile is to be included as part of an e-mail message,
you should ensure that it is "ASCII-armoured"
- gpg2 -d -o newdecryptedfile file.asc.gpg
- gpg2 --output decrypted.txt --decrypt sample.txt.asc
- gpg2 --decrypt [Data]
- gpg2 --output decrypted.txt --decrypt encrypted.txt.gpg
- Decrypting signed files
|
| Signing and Verifying
|
dewinter.com
gpg2 --sign
gpg2 --clearsign sample.txt
- outputs a signed but unencrypted ( clear-text ) message sample.txt.asc
gpg2 --detach-sign .. signature in separate file
gpg2 --verify
gpg2 --verify sample.txt.asc
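
The key, encrypt/decrypt and sign/verify commands above, chained into one round trip. This is an added example, not part of the original page; the throwaway keyring, the user ID demo@example.invalid, the file names and the empty passphrase are all assumptions made for the demo.

```shell
#!/bin/sh
# Added example: key creation, export, encrypt+sign, decrypt and verify,
# run against a throwaway keyring so the real ~/.gnupg is never touched.
# The user ID, file names and empty passphrase are constructed for the demo.
GPG=$(command -v gpg2 || command -v gpg || true)

gpg_roundtrip() {
    GNUPGHOME=$(mktemp -d) || return 1      # private 0700 directory
    export GNUPGHOME
    uid='demo@example.invalid'
    f="$GNUPGHOME/sample.txt"
    g() { "$GPG" --batch --quiet --yes "$@" 2>/dev/null; }
    rc=1
    # Options go before the command, file names go last.
    if g --pinentry-mode loopback --passphrase '' \
           --quick-gen-key "$uid" default default never &&
       g --armor --output "$GNUPGHOME/pub.asc" --export "$uid" &&
       printf 'sample text\n' > "$f" &&
       g --armor --output "$f.asc" --encrypt --sign -r "$uid" "$f" &&
       g --output "$f.out" --decrypt "$f.asc" &&
       cmp -s "$f" "$f.out" &&
       g --armor --output "$f.sig" --detach-sign "$f" &&
       g --verify "$f.sig" "$f"
    then
        # Any change to the signed file must make verification fail.
        printf 'tampered\n' >> "$f"
        if g --verify "$f.sig" "$f"; then rc=2; else rc=0; fi
    fi
    gpgconf --kill gpg-agent >/dev/null 2>&1 || true
    rm -rf "$GNUPGHOME"
    unset GNUPGHOME
    [ "$rc" -eq 0 ] && echo 'roundtrip ok'
    return "$rc"
}
```

Call gpg_roundtrip to run it; it needs GnuPG 2.1 or later and returns 2 if a modified file still verifies.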