1999-07-23 14:03:01 +02:00
|
|
|
-----BEGIN PGP SIGNED MESSAGE-----
|
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
GnuPG - The GNU Privacy Guard
|
|
|
|
-------------------------------
|
1999-09-18 13:04:00 +02:00
|
|
|
Version 1.0
|
1999-09-02 16:50:38 +02:00
|
|
|
|
1999-09-06 20:10:27 +02:00
|
|
|
GnuPG is GNU's tool for secure communication and data storage.
|
|
|
|
It can be used to encrypt data and to create digital signatures.
|
1999-09-02 16:50:38 +02:00
|
|
|
It includes an advanced key management facility and is compliant
|
1999-09-06 20:10:27 +02:00
|
|
|
with the proposed OpenPGP Internet standard as described in RFC2440.
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1999-09-06 20:10:27 +02:00
|
|
|
GnuPG works best on GNU/Linux or *BSD systems. Most other Unices
|
|
|
|
are also supported but are not as well tested as the Free Unices.
|
|
|
|
See http://www.gnupg.org/gnupg.html#supsys for a list of systems
|
|
|
|
which are known to work.
|
1997-12-16 20:15:09 +01:00
|
|
|
|
|
|
|
See the file COPYING for copyright and warranty information.
|
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
Because GnuPG does not use use any patented algorithm it cannot be
|
|
|
|
compatible with PGP2 versions. PGP 2.x uses only IDEA (which is
|
|
|
|
patented worldwide) and RSA (which is patented in the United States
|
|
|
|
until Sep 20, 2000).
|
1997-12-16 20:15:09 +01:00
|
|
|
|
1999-06-26 12:23:06 +02:00
|
|
|
The default algorithms are DSA and ElGamal. ElGamal for signing
|
1999-02-10 17:22:40 +01:00
|
|
|
is still available, but because of the larger size of such
|
|
|
|
signatures it is deprecated (Please note that the GnuPG
|
|
|
|
implementation of ElGamal signatures is *not* insecure). Symmetric
|
1999-06-26 12:23:06 +02:00
|
|
|
algorithms are: 3DES, Blowfish, CAST5 and Twofish (GnuPG does not
|
1999-09-02 16:50:38 +02:00
|
|
|
yet create Twofish encrypted messages because there is no agreement
|
1999-08-31 17:30:12 +02:00
|
|
|
in the OpenPGP WG on how to use it together with a MDC algorithm)
|
1999-09-06 20:10:27 +02:00
|
|
|
Digest algorithms available are MD5, RIPEMD160 and SHA1.
|
1997-12-16 20:15:09 +01:00
|
|
|
|
1998-01-05 20:13:15 +01:00
|
|
|
|
1998-01-12 11:18:17 +01:00
|
|
|
Installation
|
|
|
|
------------
|
|
|
|
|
1998-10-07 15:30:43 +02:00
|
|
|
Please read the file INSTALL!
|
1998-09-28 21:25:31 +02:00
|
|
|
|
|
|
|
Here is a quick summary:
|
1998-01-12 11:18:17 +01:00
|
|
|
|
1999-08-04 10:45:27 +02:00
|
|
|
1) Check that you have unmodified sources. The below on how to do this.
|
|
|
|
Don't skip it - this is an important step!
|
|
|
|
|
|
|
|
2) Unpack the TAR. With GNU tar you can do it this way:
|
|
|
|
"tar xzvf gnupg-x.y.z.tar.gz"
|
1998-01-12 11:18:17 +01:00
|
|
|
|
1999-08-04 10:45:27 +02:00
|
|
|
3) "cd gnupg-x.y.z"
|
1998-01-12 11:18:17 +01:00
|
|
|
|
1999-08-04 10:45:27 +02:00
|
|
|
4) "./configure"
|
1998-01-12 11:18:17 +01:00
|
|
|
|
1999-08-04 10:45:27 +02:00
|
|
|
5) "make"
|
|
|
|
|
|
|
|
6) "make install"
|
|
|
|
|
|
|
|
7) You end up with a "gpg" binary in /usr/local/bin.
|
|
|
|
Note: Because some old programs rely on the existence of a
|
1999-09-06 20:10:27 +02:00
|
|
|
binary named "gpgm" (which was build by some Beta versions
|
|
|
|
of GnuPG); you may want to install a symbolic link to it:
|
|
|
|
"cd /usr/local/bin; ln -s gpg gpgm"
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1999-08-04 10:45:27 +02:00
|
|
|
8) To avoid swapping out of sensitive data, you can install "gpg" as
|
1999-05-06 14:26:10 +02:00
|
|
|
suid root. If you don't do so, you may want to add the option
|
|
|
|
"no-secmem-warning" to ~/.gnupg/options
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1998-02-13 21:58:50 +01:00
|
|
|
|
1999-08-04 10:45:27 +02:00
|
|
|
How to Verify the Source
|
|
|
|
------------------------
|
|
|
|
|
|
|
|
In order to check that the version of GnuPG which you are going to
|
|
|
|
install is an original and unmodified one, you can do it in one of
|
|
|
|
the following ways:
|
|
|
|
|
|
|
|
a) If you already have a trusted Version of GnuPG installed, you
|
|
|
|
can simply check the supplied signature:
|
|
|
|
|
|
|
|
$ gpg --verify gnupg-x.y.z.tar.gz.asc
|
|
|
|
|
|
|
|
This checks that the detached signature gnupg-x.y.z.tar.gz.asc
|
|
|
|
is indeed a a signature of gnupg-x.y.z.tar.gz. The key used to
|
|
|
|
create this signature is:
|
|
|
|
|
|
|
|
"pub 1024D/57548DCD 1998-07-07 Werner Koch (gnupg sig) <dd9jn@gnu.org>"
|
|
|
|
|
|
|
|
If you do not have this key, you can get it from the source in
|
|
|
|
the file g10/pubring.asc (use "gpg --import g10/pubring.gpg" to
|
|
|
|
add it to the keyring) or from any keyserver. You have to make
|
|
|
|
sure that this is really the key and not a faked one. You can do
|
|
|
|
this by comparing the output of:
|
|
|
|
|
|
|
|
$ gpg --fingerprint 0x57548DCD
|
|
|
|
|
|
|
|
with the elsewhere published fingerprint, or - if you are able to
|
|
|
|
_positively_ verify the signature of this README file - with
|
|
|
|
this fingerprint: "6BD9 050F D8FC 941B 4341 2DCC 68B7 AB89 5754 8DCD"
|
|
|
|
|
|
|
|
Please note, that you have to use an old version of GnuPG to
|
|
|
|
do all this stuff. *Never* use the version which you are going
|
|
|
|
to check!
|
|
|
|
|
|
|
|
|
|
|
|
b) If you have a trusted Version of PGP 2 or 5 installed, you
|
|
|
|
can check the supplied PGP 2 signature:
|
|
|
|
|
|
|
|
$ pgp gnupg-x.y.z.tar.gz.sig gnupg-x.y.z.tar.gz
|
|
|
|
|
|
|
|
This checks that the detached signature gnupg-x.y.z.tar.gz.sig
|
|
|
|
is indeed a a signature of gnupg-x.y.z.tar.gz. Please note,
|
|
|
|
that this signature has been created with a RSA signature and
|
|
|
|
you probably can't use this method (due to legal reasons) when
|
|
|
|
you are in the U.S. The key used to create this signature is
|
|
|
|
the same as the one used to sign this README file. It should be
|
|
|
|
available at the keyservers and is also included in the source
|
|
|
|
of GnuPG in g10/pubring.asc.
|
|
|
|
|
|
|
|
"pub 768R/0C9857A5 1995-09-30 Werner Koch <werner.koch@guug.de>"
|
|
|
|
|
1999-08-31 17:30:12 +02:00
|
|
|
The fingerprint of this key is published in printed form in the
|
1999-08-04 10:45:27 +02:00
|
|
|
"Global Trust Register for 1998", ISBN 0-9532397-0-5.
|
|
|
|
|
|
|
|
|
|
|
|
c) If you don't have any of the above programs, you have to verify
|
|
|
|
the MD5 checksum:
|
|
|
|
|
1999-11-12 20:32:00 +01:00
|
|
|
$ md5sum gnupg-x.y.z.tar.gz
|
1999-08-04 10:45:27 +02:00
|
|
|
|
1999-09-06 20:10:27 +02:00
|
|
|
This should yield an output similar_to this:
|
1999-08-04 10:45:27 +02:00
|
|
|
|
|
|
|
fd9351b26b3189c1d577f0970f9dcadc gnupg-x.y.z.tar.gz
|
|
|
|
|
|
|
|
Now check that this checksum is _exactly_ the same as the one
|
1999-08-31 17:30:12 +02:00
|
|
|
published via the announcement list and probably via Usenet.
|
1999-08-04 10:45:27 +02:00
|
|
|
|
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
|
1999-09-06 20:10:27 +02:00
|
|
|
Documentation
|
|
|
|
-------------
|
|
|
|
|
|
|
|
A draft version of the manual is included in the subdirectory doc/gph.
|
|
|
|
The supplied version is rendered in HTML and you may access it with any
|
|
|
|
browser (e.g.: lynx doc/gpg/index.html). The GnuPG webpages have a link
|
|
|
|
to the latest development version and you may want to read those instead.
|
|
|
|
|
|
|
|
A couple of HOWTO documents are available online; for a listing see:
|
1999-09-02 16:50:38 +02:00
|
|
|
|
|
|
|
http://www.gnupg.org/docs.html#howtos
|
|
|
|
|
1999-09-06 20:10:27 +02:00
|
|
|
A man page with a description of all commands and options gets installed
|
|
|
|
along with the program.
|
|
|
|
|
|
|
|
|
|
|
|
Introduction
|
|
|
|
------------
|
|
|
|
|
1999-09-02 16:50:38 +02:00
|
|
|
Here is a brief overview on how to use GnuPG - it is strongly suggested
|
|
|
|
that you read the manual and other information about the use of
|
1999-09-06 20:10:27 +02:00
|
|
|
cryptography. GnuPG is only a tool, secure usage requires that
|
|
|
|
YOU KNOW WHAT YOU ARE DOING.
|
1998-01-12 11:18:17 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
If you already have a DSA key from PGP 5 (they call them DH/ElGamal)
|
|
|
|
you can simply copy the pgp keyrings over the GnuPG keyrings after
|
1999-02-10 17:22:40 +01:00
|
|
|
running gpg once to create the correct directory.
|
1998-01-12 11:18:17 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
The normal way to create a key is
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg --gen-key
|
1997-12-20 18:23:29 +01:00
|
|
|
|
|
|
|
This asks some questions and then starts key generation. To create
|
1998-12-23 13:41:40 +01:00
|
|
|
good random numbers for the key parameters, GnuPG needs to gather
|
|
|
|
enough noise (entropy) from your system. If you see no progress
|
|
|
|
during key generation you should start some other activities such
|
|
|
|
as mouse moves or hitting on the CTRL and SHIFT keys.
|
|
|
|
|
|
|
|
Generate a key ONLY on a machine where you have direct physical
|
|
|
|
access - don't do it over the network or on a machine used also
|
|
|
|
by others - especially if you have no access to the root account.
|
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
When you are asked for a passphrase use a good one which you can
|
|
|
|
easy remember. Don't make the passphrase too long because you have
|
|
|
|
to type it for every decryption or signing; but, - AND THIS IS VERY
|
|
|
|
IMPORTANT - use a good one that is not easily to guess because the
|
1998-12-23 13:41:40 +01:00
|
|
|
security of the whole system relies on your secret key and the
|
1999-02-10 17:22:40 +01:00
|
|
|
passphrase that protects it when someone gains access to your secret
|
|
|
|
keyring. A good way to select a passphrase is to figure out a short
|
|
|
|
nonsense sentence which makes some sense for you and modify it by
|
|
|
|
inserting extra spaces, non-letters and changing the case of some
|
|
|
|
characters - this is really easy to remember especially if you
|
|
|
|
associate some pictures with it.
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
Next, you should create a revocation certificate in case someone
|
|
|
|
gets knowledge of your secret key or you forgot your passphrase
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg --gen-revoke your_user_id
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
Run this command and store the revocation certificate away. The output
|
|
|
|
is always ASCII armored, so that you can print it and (hopefully
|
|
|
|
never) re-create it if your electronic media fails.
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
Now you can use your key to create digital signatures
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg -s file
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
This creates a file "file.gpg" which is compressed and has a
|
|
|
|
signature attached.
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg -sa file
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
Same as above, but creates a file "file.asc" which is ASCII armored
|
1999-06-16 20:25:37 +02:00
|
|
|
and and ready for sending by mail. It is better to use your
|
1998-12-23 13:41:40 +01:00
|
|
|
mailers features to create signatures (The mailer uses GnuPG to do
|
|
|
|
this) because the mailer has the ability to MIME encode such
|
|
|
|
signatures - but this is not a security issue.
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg -s -o out file
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
Creates a signature of "file", but writes the output to the file
|
|
|
|
"out".
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
Everyone who knows your public key (you can and should publish
|
|
|
|
your key by putting it on a key server, a web page or in your .plan
|
1999-02-10 17:22:40 +01:00
|
|
|
file) is now able to check whether you really signed this text
|
1998-07-29 21:35:05 +02:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg --verify file
|
1998-01-02 21:40:10 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
GnuPG now checks whether the signature is valid and prints an
|
|
|
|
appropriate message. If the signature is good, you know at least
|
|
|
|
that the person (or machine) has access to the secret key which
|
|
|
|
corresponds to the published public key.
|
1999-02-10 17:22:40 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
If you run gpg without an option it will verify the signature and
|
1999-02-10 17:22:40 +01:00
|
|
|
create a new file that is identical to the original. gpg can also
|
|
|
|
run as a filter, so that you can pipe data to verify trough it
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
cat signed-file | gpg | wc -l
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
which will check the signature of signed-file and then display the
|
1998-12-23 13:41:40 +01:00
|
|
|
number of lines in the original file.
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
To send a message encrypted to someone you can use
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg -e -r heine file
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
This encrypts "file" with the public key of the user "heine" and
|
1998-12-23 13:41:40 +01:00
|
|
|
writes it to "file.gpg"
|
1997-12-20 18:23:29 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
echo "hello" | gpg -ea -r heine | mail heine
|
1998-01-02 21:40:10 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
Ditto, but encrypts "hello\n" and mails it as ASCII armored message
|
1998-12-23 13:41:40 +01:00
|
|
|
to the user with the mail address heine.
|
1998-01-02 21:40:10 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg -se -r heine file
|
1998-01-02 21:40:10 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
This encrypts "file" with the public key of "heine" and writes it
|
1998-12-23 13:41:40 +01:00
|
|
|
to "file.gpg" after signing it with your user id.
|
1998-01-02 21:40:10 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg -se -r heine -u Suttner file
|
1998-01-02 21:40:10 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
Ditto, but sign the file with your alternative user id "Suttner"
|
1998-01-02 21:40:10 +01:00
|
|
|
|
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
GnuPG has some options to help you publish public keys. This is
|
|
|
|
called "exporting" a key, thus
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg --export >all-my-keys
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
exports all the keys in the keyring and writes them (in a binary
|
|
|
|
format) to "all-my-keys". You may then mail "all-my-keys" as an
|
|
|
|
MIME attachment to someone else or put it on an FTP server. To
|
|
|
|
export only some user IDs, you give them as arguments on the command
|
|
|
|
line.
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
To mail a public key or put it on a web page you have to create
|
1999-02-10 17:22:40 +01:00
|
|
|
the key in ASCII armored format
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg --export --armor | mail panther@tiger.int
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
This will send all your public keys to your friend panther.
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
If you have received a key from someone else you can put it
|
1999-02-10 17:22:40 +01:00
|
|
|
into your public keyring. This is called "importing"
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg --import [filenames]
|
1998-02-17 21:48:52 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
New keys are appended to your keyring and already existing
|
1999-02-10 17:22:40 +01:00
|
|
|
keys are updated. Note that GnuPG does not import keys that
|
|
|
|
are not self-signed.
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
Because anyone can claim that a public key belongs to her
|
|
|
|
we must have some way to check that a public key really belongs
|
1998-12-23 13:41:40 +01:00
|
|
|
to the owner. This can be achieved by comparing the key during
|
|
|
|
a phone call. Sure, it is not very easy to compare a binary file
|
|
|
|
by reading the complete hex dump of the file - GnuPG (and nearly
|
|
|
|
every other program used for management of cryptographic keys)
|
1999-02-10 17:22:40 +01:00
|
|
|
provides other solutions.
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg --fingerprint <username>
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
prints the so called "fingerprint" of the given username which
|
1998-12-23 13:41:40 +01:00
|
|
|
is a sequence of hex bytes (which you may have noticed in mail
|
1999-02-10 17:22:40 +01:00
|
|
|
sigs or on business cards) that uniquely identifies the public
|
|
|
|
key - different keys will always have different fingerprints.
|
|
|
|
It is easy to compare fingerprints by phone and I suggest
|
1998-12-23 13:41:40 +01:00
|
|
|
that you print your fingerprint on the back of your business
|
1999-05-06 14:26:10 +02:00
|
|
|
card. To see the fingerprints of the secondary keys, you can
|
|
|
|
give the command twice; but this is normally not needed.
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
If you don't know the owner of the public key you are in trouble.
|
|
|
|
Suppose however that friend of yours knows someone who knows someone
|
|
|
|
who has met the owner of the public key at some computer conference.
|
|
|
|
Suppose that all the people between you and the public key holder
|
1999-06-16 20:25:37 +02:00
|
|
|
may now act as introducers to you. Introducers signing keys thereby
|
1999-02-10 17:22:40 +01:00
|
|
|
certify that they know the owner of the keys they sign. If you then
|
|
|
|
trust all the introducers to have correctly signed other keys, you
|
|
|
|
can be be sure that the other key really belongs to the one who
|
|
|
|
claims to own it..
|
|
|
|
|
|
|
|
There are 2 steps to validate a key:
|
1999-06-16 20:25:37 +02:00
|
|
|
1. First check that there is a complete chain
|
|
|
|
of signed keys from the public key you want to use
|
|
|
|
and your key and verify each signature.
|
|
|
|
2. Make sure that you have full trust in the certificates
|
|
|
|
of all the introduces between the public key holder and
|
|
|
|
you.
|
1998-12-23 13:41:40 +01:00
|
|
|
Step 2 is the more complicated part because there is no easy way
|
|
|
|
for a computer to decide who is trustworthy and who is not. GnuPG
|
|
|
|
leaves this decision to you and will ask you for a trust value
|
|
|
|
(here also referenced as the owner-trust of a key) for every key
|
1999-06-16 20:25:37 +02:00
|
|
|
needed to check the chain of certificates. You may choose from:
|
1998-12-23 13:41:40 +01:00
|
|
|
a) "I don't know" - then it is not possible to use any
|
1999-06-16 20:25:37 +02:00
|
|
|
of the chains of certificates, in which this key is used
|
|
|
|
as an introducer, to validate the target key. Use this if
|
|
|
|
you don't know the introducer.
|
1998-12-23 13:41:40 +01:00
|
|
|
b) "I do not trust" - Use this if you know that the introducer
|
1999-06-16 20:25:37 +02:00
|
|
|
does not do a good job in certifying other keys. The effect
|
|
|
|
is the same as with a) but for a) you may later want to
|
|
|
|
change the value because you got new information about this
|
|
|
|
introducer.
|
1998-12-23 13:41:40 +01:00
|
|
|
c) "I trust marginally" - Use this if you assume that the
|
1999-06-16 20:25:37 +02:00
|
|
|
introducer knows what he is doing. Together with some
|
|
|
|
other marginally trusted keys, GnuPG validates the target
|
|
|
|
key then as good.
|
1998-12-23 13:41:40 +01:00
|
|
|
d) "I fully trust" - Use this if you really know that this
|
1999-06-16 20:25:37 +02:00
|
|
|
introducer does a good job when certifying other keys.
|
|
|
|
If all the introducer are of this trust value, GnuPG
|
|
|
|
normally needs only one chain of signatures to validate
|
|
|
|
a target key okay. (But this may be adjusted with the help
|
|
|
|
of some options).
|
1999-02-10 17:22:40 +01:00
|
|
|
This information is confidential because it gives your personal
|
|
|
|
opinion on the trustworthiness of someone else. Therefore this data
|
|
|
|
is not stored in the keyring but in the "trustdb"
|
1998-12-23 13:41:40 +01:00
|
|
|
(~/.gnupg/trustdb.gpg). Do not assign a high trust value just
|
1999-02-10 17:22:40 +01:00
|
|
|
because the introducer is a friend of yours - decide how well she
|
|
|
|
understands the implications of key signatures and you may want to
|
|
|
|
tell her more about public key cryptography so you can later change
|
|
|
|
the trust value you assigned.
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
Okay, here is how GnuPG helps you with key management. Most stuff
|
|
|
|
is done with the --edit-key command
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
gpg --edit-key <keyid or username>
|
1998-12-23 13:41:40 +01:00
|
|
|
|
|
|
|
GnuPG displays some information about the key and then prompts
|
|
|
|
for a command (enter "help" to see a list of commands and see
|
|
|
|
the man page for a more detailed explanation). To sign a key
|
|
|
|
you select the user ID you want to sign by entering the number
|
1999-02-10 17:22:40 +01:00
|
|
|
that is displayed in the leftmost column (or do nothing if the
|
1998-12-23 13:41:40 +01:00
|
|
|
key has only one user ID) and then enter the command "sign" and
|
|
|
|
follow all the prompts. When you are ready, give the command
|
|
|
|
"save" (or use "quit" to cancel your actions).
|
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
If you want to sign the key with another of your user IDs, you
|
1998-12-23 13:41:40 +01:00
|
|
|
must give an "-u" option on the command line together with the
|
|
|
|
"--edit-key".
|
|
|
|
|
|
|
|
Normally you want to sign only one user ID because GnuPG
|
1999-02-10 17:22:40 +01:00
|
|
|
uses only one and this keeps the public key certificate
|
1998-12-23 13:41:40 +01:00
|
|
|
small. Because such key signatures are very important you
|
1999-02-10 17:22:40 +01:00
|
|
|
should make sure that the signatories of your key sign a user ID
|
1998-12-23 13:41:40 +01:00
|
|
|
which is very likely to stay for a long time - choose one with an
|
|
|
|
email address you have full control of or do not enter an email
|
|
|
|
address at all. In future GnuPG will have a way to tell which
|
|
|
|
user ID is the one with an email address you prefer - because
|
|
|
|
you have no signatures on this email address it is easy to change
|
1999-02-10 17:22:40 +01:00
|
|
|
this address. Remember, your signatories sign your public key (the
|
1999-01-12 11:20:24 +01:00
|
|
|
primary one) together with one of your user IDs - so it is not possible
|
1998-12-23 13:41:40 +01:00
|
|
|
to change the user ID later without voiding all the signatures.
|
|
|
|
|
|
|
|
Tip: If you hear about a key signing party on a computer conference
|
|
|
|
join it because this is a very convenient way to get your key
|
|
|
|
certified (But remember that signatures have nothing to to with the
|
|
|
|
trust you assign to a key).
|
|
|
|
|
|
|
|
|
1999-02-10 17:22:40 +01:00
|
|
|
8 Ways to Specify a User ID
|
1998-12-23 13:41:40 +01:00
|
|
|
--------------------------
|
1999-02-10 17:22:40 +01:00
|
|
|
There are several ways to specify a user ID, here are some examples.
|
1998-01-26 23:09:01 +01:00
|
|
|
|
1998-02-26 17:56:31 +01:00
|
|
|
* Only by the short keyid (prepend a zero if it begins with A..F):
|
1998-01-26 23:09:01 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
"234567C4"
|
|
|
|
"0F34E556E"
|
|
|
|
"01347A56A"
|
|
|
|
"0xAB123456
|
1998-01-26 23:09:01 +01:00
|
|
|
|
|
|
|
* By a complete keyid:
|
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
"234AABBCC34567C4"
|
|
|
|
"0F323456784E56EAB"
|
|
|
|
"01AB3FED1347A5612"
|
|
|
|
"0x234AABBCC34567C4"
|
1998-01-26 23:09:01 +01:00
|
|
|
|
1998-04-09 13:19:09 +02:00
|
|
|
* By a fingerprint:
|
1998-01-26 23:09:01 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
"1234343434343434C434343434343434"
|
|
|
|
"123434343434343C3434343434343734349A3434"
|
|
|
|
"0E12343434343434343434EAB3484343434343434"
|
1998-01-26 23:09:01 +01:00
|
|
|
|
|
|
|
The first one is MD5 the others are ripemd160 or sha1.
|
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
* By an exact string:
|
1998-01-26 23:09:01 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
"=Heinrich Heine <heinrichh@uni-duesseldorf.de>"
|
1998-01-26 23:09:01 +01:00
|
|
|
|
|
|
|
* By an email address:
|
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
"<heinrichh@uni-duesseldorf.de>"
|
1999-02-10 17:22:40 +01:00
|
|
|
|
|
|
|
* By word match
|
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
"+Heinrich Heine duesseldorf"
|
1999-02-10 17:22:40 +01:00
|
|
|
|
1999-08-31 17:30:12 +02:00
|
|
|
All words must match exactly (not case sensitive) and appear in
|
1999-02-10 17:22:40 +01:00
|
|
|
any order in the user ID. Words are any sequences of letters,
|
|
|
|
digits, the underscore and characters with bit 7 set.
|
1998-01-26 23:09:01 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
* By the Local ID (from the trust DB):
|
1998-01-26 23:09:01 +01:00
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
"#34"
|
1998-01-26 23:09:01 +01:00
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
This may be used by a MUA to specify an exact key after selecting
|
1999-02-10 17:22:40 +01:00
|
|
|
a key from GnuPG (by using a special option or an extra utility)
|
1998-01-26 23:09:01 +01:00
|
|
|
|
|
|
|
* Or by the usual substring:
|
|
|
|
|
1999-06-16 20:25:37 +02:00
|
|
|
"Heine"
|
|
|
|
"*Heine"
|
1998-01-26 23:09:01 +01:00
|
|
|
|
|
|
|
The '*' indicates substring search explicitly.
|
|
|
|
|
|
|
|
|
1998-01-02 21:40:10 +01:00
|
|
|
Batch mode
|
|
|
|
----------
|
1998-10-16 18:00:17 +02:00
|
|
|
If you use the option "--batch", GnuPG runs in non-interactive mode and
|
1998-04-14 19:51:16 +02:00
|
|
|
never prompts for input data. This does not even allow entering the
|
1999-02-10 17:22:40 +01:00
|
|
|
passphrase. Until we have a better solution (something like ssh-agent),
|
1999-08-31 17:30:12 +02:00
|
|
|
you can use the option "--passphrase-fd n", which works like PGP's
|
1998-01-02 21:40:10 +01:00
|
|
|
PGPPASSFD.
|
|
|
|
|
1998-10-16 18:00:17 +02:00
|
|
|
Batch mode also causes GnuPG to terminate as soon as a BAD signature is
|
1998-01-02 21:40:10 +01:00
|
|
|
detected.
|
|
|
|
|
|
|
|
|
|
|
|
Exit status
|
|
|
|
-----------
|
1998-10-16 18:00:17 +02:00
|
|
|
GnuPG returns with an exit status of 1 if in batch mode and a bad signature
|
1998-01-02 21:40:10 +01:00
|
|
|
has been detected or 2 or higher for all other errors. You should parse
|
1999-02-10 17:22:40 +01:00
|
|
|
stderr or, better, the output of the fd specified with --status-fd to get
|
1998-12-23 13:41:40 +01:00
|
|
|
detailed information about the errors.
|
1998-01-02 21:40:10 +01:00
|
|
|
|
|
|
|
|
1999-09-06 20:10:27 +02:00
|
|
|
How to Get More Information
|
|
|
|
---------------------------
|
1998-01-24 17:32:27 +01:00
|
|
|
|
1998-12-17 18:36:05 +01:00
|
|
|
The primary WWW page is "http://www.gnupg.org"
|
1999-09-06 20:10:27 +02:00
|
|
|
The primary FTP site is "ftp://ftp.gnupg.org/pub/gcrypt/"
|
1998-02-13 21:58:50 +01:00
|
|
|
|
1999-01-12 11:20:24 +01:00
|
|
|
See http://www.gnupg.org/mirrors.html for a list of FTP mirrors
|
1999-09-06 20:10:27 +02:00
|
|
|
and use them if possible. You may also find GnuPG mirrored on
|
|
|
|
some of the regular GNU mirrors.
|
1997-12-16 20:15:09 +01:00
|
|
|
|
1999-08-04 10:45:27 +02:00
|
|
|
We have some mailing lists dedicated to GnuPG:
|
|
|
|
|
|
|
|
gnupg-announce@gnupg.org For important announcements like
|
|
|
|
new versions and such stuff.
|
|
|
|
This is a moderated list and has
|
|
|
|
very low traffic.
|
|
|
|
gnupg-users@gnupg.org For general user discussion and
|
|
|
|
help.
|
1999-11-12 20:32:00 +01:00
|
|
|
gnupg-i18n@gnupg.org Discussion about internationalization
|
|
|
|
issues.
|
1999-08-04 10:45:27 +02:00
|
|
|
gnupg-devel@gnupg.org GnuPG developers main forum.
|
|
|
|
|
|
|
|
You subscribe to one of the list by sending mail with a subject
|
|
|
|
of "subscribe" to x-request@gnupg.org, where x is the name of the
|
|
|
|
mailing list (gnupg-announce, gnupg-users, etc.). An archive of
|
|
|
|
the mailing lists is available at http://lists.gnupg.org .
|
|
|
|
|
|
|
|
The gnupg.org domain is hosted in Germany to avoid possible legal
|
|
|
|
problems (technical advices may count as a violation of ITAR).
|
1999-06-02 14:25:59 +02:00
|
|
|
|
1999-06-26 12:23:06 +02:00
|
|
|
Please direct bug reports to <gnupg-bugs@gnu.org> or post
|
|
|
|
them direct to the mailing list <gnupg-devel@gnupg.org>.
|
1999-09-06 20:10:27 +02:00
|
|
|
|
1999-06-26 12:23:06 +02:00
|
|
|
Please direct questions about GnuPG to the users mailing list or
|
1999-09-06 20:10:27 +02:00
|
|
|
one of the pgp newsgroups; please do not direct questions to one
|
|
|
|
of the authors directly as we are busy working on improvements
|
|
|
|
and bug fixes. Both mailing lists are watched by the authors
|
|
|
|
and we try to answer questions when time allows us to do so.
|
1997-12-16 20:15:09 +01:00
|
|
|
|
1999-09-06 20:10:27 +02:00
|
|
|
Commercial grade support for GnuPG is available; please see
|
|
|
|
the GNU service directory or search other resources.
|
1998-11-08 18:23:14 +01:00
|
|
|
|
1999-07-23 14:03:01 +02:00
|
|
|
-----BEGIN PGP SIGNATURE-----
|
|
|
|
|
1999-11-12 20:32:00 +01:00
|
|
|
iQB1AwUBOCv6bB0Z9MEMmFelAQGktwL/SyzPDeU2I38lFj3Xx7IhL9vUTEaEDuAH
|
|
|
|
FFjs0i4qpRlvYVfTtEQjkUMCUe6PCMXNXY+var1FOECpJwS93t4uf3VV83ESOMCu
|
|
|
|
VR5JjhowfU2l957aFOFyzBpNuMPBuwBR
|
|
|
|
=+Tbg
|
1999-07-23 14:03:01 +02:00
|
|
|
-----END PGP SIGNATURE-----
|