Difference between revisions of "Redhat:GPG2"
(Created page with "== Secure Files == While there is a larger amount a security around networks, files that are transmitted over them may need to be secure in themselves. This is achieved thro...") |
|||
| Line 50: | Line 50: | ||
|} | |} | ||
| − | == GPG2 Encryption Options == | + | == GPG2 Key Generation == |
| + | |||
| + | The gpg2 command can be used to create keys pairs used to encrypt and decrypt files. | ||
| + | |||
| + | <syntaxhighlight> | ||
| + | gpg2 --gen-key | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | When the command is run it will promt you for a several options: | ||
| + | |||
| + | * Encryption Scheme | ||
| + | * Lifetime of the Keys | ||
| + | * Number of Bits to Use | ||
| + | * Passphrase | ||
| + | * Name, Email and comment | ||
| + | |||
| + | === Encryption Options === | ||
| + | |||
| + | The keys can be created using four encryption schemes. | ||
| + | |||
| + | * RSA / RSA | ||
| + | * DSA / Elgamal | ||
| + | * DSA (Sign Only) | ||
| + | * RSA (Sign Only) | ||
| + | |||
| + | |||
| + | == Use the GPG2 keys to encrypt a file == | ||
| + | |||
| + | First you need to get and send the public key to the remote system in order to decrypt the file at the other end | ||
| + | |||
| + | <syntaxhighlight> | ||
| + | gpg2 --export <user> > gpg.pub # Export the public key for user to gpg.pub | ||
| + | scp gpg.pub <remote system> # Send the file | ||
| + | |||
| + | |||
| + | #On the remote system | ||
| + | gpg2 --list-keys #list the current keys | ||
| + | gpg2 --import gpg.pub #import the new key | ||
| + | gpg2 --list-keys #verify the key has been imported | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | |||
| + | To Encrypt the file | ||
| + | |||
| + | <syntaxhighlight> | ||
| + | gpg2 --out <output.file> --recipient <user> --encrypt <input.file> #encrypts input.file using the key belonging to user and outputs to output.file | ||
| + | </syntaxhighlight> | ||
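Review bot: In the new "Use the GPG2 keys to encrypt a file" section, the sentence "First you need to get and send the public key to the remote system in order to decrypt the file at the other end" reads as if the exported public key is what decrypts. The public key only lets the remote system encrypt to <user>; decryption needs the private key, which stays on the system that ran gpg2 --gen-key. Suggest rewording to say which side encrypts and which decrypts, and adding a fingerprint comparison (gpg2 --fingerprint <user> on both systems) after the gpg2 --import step, since the second --list-keys only shows that some key was imported. Also, scp gpg.pub <remote system> has no host:path destination, so with a bare host name it makes a local copy, and "promt you for a several options" and "keys pairs" need a spelling pass.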
Revision as of 14:25, 10 September 2013
Secure Files
While there is a large amount of security around networks, files that are transmitted over them may need to be secure in themselves. This is achieved through encryption.
The standard encryption is Pretty Good Privacy (PGP) and its open source equivalent GNU Privacy Guard (GPG). Red Hat provides GPG version 2 (GPG2) as standard with RHEL6.
GPG2 Commands
| gpg | softlinked to gpg2 |
| gpg2 | GPG2 encryption and signing tool |
| gpg-agent | gpg2 key management |
| gpgconf | gpg2 component status |
| gpg-connect-agent | agent communication |
| gpg-error | interpret GPG error codes |
| gpg-error-config | build applications based on GPG error codes |
| gpgkey2ssh | conversion command for GPG2 keys for SSH |
| gpgparsemail | Under Development |
| gpgsplit | split GPG2 message into packets |
| gpgv | soft linked to gpgv2 command |
| gpgv2 | Verify GPG signatures |
| gpg-zip | encrypt and sign files into an archive |
GPG2 Key Generation
The gpg2 command can be used to create the key pairs used to encrypt and decrypt files.
gpg2 --gen-key
When the command is run it will prompt you for several options:
- Encryption Scheme
- Lifetime of the Keys
- Number of Bits to Use
- Passphrase
- Name, Email and comment
Encryption Options
The keys can be created using four encryption schemes.
- RSA / RSA
- DSA / Elgamal
- DSA (Sign Only)
- RSA (Sign Only)
Use the GPG2 keys to encrypt a file
First you need to export the public key and send it to the remote system, which uses it to encrypt the file; the file is then decrypted at the other end with the matching private key.
gpg2 --export <user> > gpg.pub # Export the public key for user to gpg.pub
scp gpg.pub <remote system>: # Send the file to the home directory on the remote system
# On the remote system
gpg2 --list-keys # List the current keys
gpg2 --import gpg.pub # Import the new key
gpg2 --list-keys # Verify the key has been imported
To encrypt the file:
gpg2 --output <output.file> --recipient <user> --encrypt <input.file> # Encrypts input.file using the key belonging to user and writes the result to output.file
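The exchange described above, run end to end between two throwaway keyrings, with a fingerprint comparison after the import and a check that only the private-key holder can decrypt. This is an added example, not part of the original wiki page; it assumes GnuPG 2.1 or later, and the identity `user@example.invalid`, the helper names `fingerprint` and `gpg_roundtrip`, and the file contents are constructed.

```sh
#!/bin/sh
# Added example: two throwaway keyrings stand in for the key owner ("local")
# and the remote system. Assumes GnuPG 2.1+; identity and data are constructed.
GPG=$(command -v gpg2 || command -v gpg)
ID=user@example.invalid

fingerprint() {  # primary-key fingerprint of $ID in the keyring at $1
    "$GPG" --homedir "$1" --batch --with-colons --fingerprint "$ID" |
        awk -F: '$1 == "fpr" { print $10; exit }'
}

gpg_roundtrip() {
    work=$(mktemp -d) || return 1
    mkdir -m 700 "$work/local" "$work/remote"
    # Key owner: unattended equivalent of the RSA / RSA choice in --gen-key.
    cat > "$work/params" <<EOF
Key-Type: RSA
Key-Length: 2048
Subkey-Type: RSA
Subkey-Length: 2048
Name-Real: Example User
Name-Email: $ID
Expire-Date: 1y
%no-protection
EOF
    "$GPG" --homedir "$work/local" --batch --quiet --gen-key "$work/params" 2>/dev/null || return 1
    "$GPG" --homedir "$work/local" --batch --export "$ID" > "$work/gpg.pub"
    # Remote: import, then compare fingerprints before encrypting to the key.
    "$GPG" --homedir "$work/remote" --batch --quiet --import "$work/gpg.pub" 2>/dev/null || return 1
    fpr=$(fingerprint "$work/remote")
    [ -n "$fpr" ] && [ "$fpr" = "$(fingerprint "$work/local")" ] || return 1
    printf 'secret report\n' > "$work/input.file"
    # An imported key is not yet validated, so batch mode needs an explicit trust decision.
    "$GPG" --homedir "$work/remote" --batch --quiet --trust-model always \
        --output "$work/output.file" --recipient "$fpr" --encrypt "$work/input.file" || return 1
    # The remote holds only the public key, so it cannot decrypt its own output.
    if "$GPG" --homedir "$work/remote" --batch --decrypt "$work/output.file" >/dev/null 2>&1
    then status=1
    else
        "$GPG" --homedir "$work/local" --batch --quiet --decrypt "$work/output.file" 2>/dev/null
        status=$?
    fi
    for h in local remote; do
        GNUPGHOME="$work/$h" gpgconf --kill gpg-agent 2>/dev/null || true
    done
    rm -rf "$work"
    return $status
}
```

Calling `gpg_roundtrip` prints the decrypted plaintext and returns non-zero if any step fails. Between real systems the two fingerprints are compared over a separate channel, such as by phone, rather than read from the same machine.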