Penguin
Recent Changes

Differences between version 65 and previous revision of GPG/PGPNotes.

Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History

Newer page: version 65 Last edited on Sunday, May 14, 2006 1:43:00 pm by CraigBox Revert
Older page: version 64 Last edited on Sunday, May 14, 2006 1:39:51 pm by CraigBox Revert
@@ -1,5 +1,5 @@
-tands for "Pretty Good Privacy". An open-source version (that is compatible with PGP) is called GPG, for "[GNU] Privacy Guard". You can [get GnuPG from its webpage|http://www.gnupg.org]; Debian/Ubuntu users can type <tt>apt-get install gnupg</tt>. 
+PGP stands for "Pretty Good Privacy". An open-source version (that is compatible with PGP) is called GPG, for "[GNU] Privacy Guard". You can [get GnuPG from its webpage|http://www.gnupg.org]; Debian/Ubuntu users can type <tt>apt-get install gnupg</tt>. 
  
 Below, we give examples of how to set up GPG ready for use on your system. 
  
 !!! __Creating And Managing Keys__ 
@@ -52,9 +52,9 @@
 !!Creating a Key 
  
 Under Linux, you must first create a public key/private key pair. Assuming you have GPG installed, you can use the command <tt>gpg --gen-key</tt> to create a pair - you will have to answer a few easy questions. 
  
-__Note__: If you're generating your key on a remote FreeBSD box, it may not have enough entropy to generate the required amount of random data. To get around it add: <tt>rand_irqs="14"</tt>to your /etc/rc.conf and reboot, or: <tt>rndcontrol -q -s 14</tt>, which is not persistent. 
+__Note__: If you're generating your key on a remote FreeBSD box, it may not have enough entropy to generate the required amount of random data. To get around it add: <tt>rand_irqs="14"</tt> to your /etc/rc.conf and reboot, or: <tt>rndcontrol -q -s 14</tt>, which is not persistent. 
  
 This allows the system to get entropy from IRQ 14 which will be your IDE controller, so access your disk and you'll get enough entropy 
  
 Then you can find your key ID: <tt>gpg --list-keys</tt> 
@@ -73,33 +73,33 @@
 To get a key by email address you need to either use the web interfaces on the key servers (http://the.earth.li/) or if you are running a recent version of gpg(1) (more recent than the one in Debian 3.0) you can use <tt>gpg --search-key ''email@address''</tt>. 
  
 Also for recent versions of gpg(1) (1.2.1 and later) you can also do <tt>gpg --refresh-keys</tt>to download any new signatures for all of the keys in your keyring. 
  
-For example, quoted from PerryLorier
+For example: Perry's gpg ID is  
  
-''Perry's gpg-id is''  
- '' pub 1024D/2F33F144 2000-09-23 Perry Lorier (Local network) <perry@coders.tla>''  
- '' Key fingerprint = 0A5F E3C9 8CF7 7FB7 378D 3C1C 7008 11A7 2F33 F144''  
+<pre>  
+pub 1024D/2F33F144 2000-09-23 Perry Lorier (Local network) <perry@coders.tla>  
+ Key fingerprint = 0A5F E3C9 8CF7 7FB7 378D 3C1C 7008 11A7 2F33 F144  
+<pre>  
+  
+PerryLorier 's key id is 2F33F144, so you do <tt>gpg --recv-key 2F33F144</tt> and a few seconds later you have his GPG key. You need to use the --keyserver option if it has not already been set:  
+<pre>  
+gpg --keyserver the.earth.li --recv-key 2F33F144  
+</pre>  
  
-PerryLorier's key id is 2F33F144, so you do:  
- gpg --recv-key 2F33F144  
-and a few seconds later you have PerryLorier's gpg(1) key. You need to use the --keyserver option if it has not already been set:  
- gpg --keyserver the.earth.li --recv-key 2F33F144  
 You should see a message like: 
- $ gpg --keyserver the.earth.li --recv-key 2F33F144  
- gpg: requesting key 2F33F144 from the.earth.li ...  
- gpg: key 2F33F144: public key imported  
- gpg: Total number processed: 1  
- gpg: imported: 1  
-
+<pre>  
+ $ gpg --keyserver the.earth.li --recv-key 2F33F144  
+gpg: requesting key 2F33F144 from the.earth.li ...  
+gpg: key 2F33F144: public key imported  
+gpg: Total number processed: 1  
+gpg: imported: 1  
+$  
+</pre>  
  
-You can double check by doing  
- gpg --list-keys  
- again. 
+You can double check by doing <tt> gpg --list-keys</tt> again. 
  
-If the full key is posted on a website, try:  
- gpg --import key.asc  
-For example, you can find Red Hat's public key at [ http://www.redhat.com/solutions/security/news/publickey.html] 
+If the full key is posted on a website, try <tt> gpg --import key.asc</tt>: for example, you can find [ Red Hat's public key| http://www.redhat.com/solutions/security/news/publickey.html] on their website.  
  
 Here is what a full key looks like. ''Disclaimer: do __NOT__ import this key off this page, as it may have been tampered with (being a public wiki)'': 
 <pre> 
 Type bits/keyID Date User ID 
@@ -159,14 +159,13 @@
 </pre> 
  
 I spent ages trying to figure out what the parameter to "primary" was, when in fact it has none. Doh! 
  
-This is the same for deleting a uid with "deluid". You don't say  
- > deluid 2  
-You say  
- > 2  
- > deluid  
- 
+This is the same for deleting a uid with "deluid". You don't say <tt >deluid 2</tt>, you say  
+<pre>  
+> 2  
+> deluid  
+</pre>  
 !!Periodic Maintenance 
  
 <tt>gpg --rebuild-keydb-caches</tt> increases the speed of many operations for existing keyrings.