GPG Installation and Setup
- Dmitry Donosiyan (Unlicensed)
- Kinga Huszno
Installation
GNU Privacy Guard is available for free from http://www.gnupg.org for a variety of operating systems, including Windows, Linux, other flavors of Unix and MacOS X.
To install GPG, run the following command:
$ yum install gnupg2 pinentry-gtkDependency package pinentry-gtk can be missing on your Linux system, so it should be installed beforehand, if necessary.
On this page
Setup
GPG uses public key cryptography for encrypting and signing messages. Public key cryptography involves your public key which is distributed to the public and is used to encrypt messages to be delivered you and to decrypt signatures you have created, and your private key which complements your public key by allowing you to decrypt messages you receive and to encrypt signatures. Together, these are referred to as a key pair.
Creating Private Key Pair
The first thing to do after successful GPG installation is to generate the necessary keys used for encrypting and decrypting files. Please keep to the following steps:
$ gpg --gen-keygpg (GnuPG) 2.0.14; Copyright (C) 2009 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection?RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 2y
Key expires at Thu 15 Jan 2015 08:39:54 PM CET
Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: YOUR NAME
Email address: your.name@domain.com
Comment:
You selected this USER-ID:
"YOUR NAME <your.name@domain.com>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.etc.
Exporting Public Key
To be able to receive encrypted files, you need to export your public key. The text files generated below can be emailed as attachment or more preferable distributed in a more secure way, such as manually handed over via USB memory.
Open the output file, key.txt. You should see something resembling this:
Copy the entire contents of that file, including the lines beginning with “-----,” and paste them on a web page or in an email message to someone else. That’s all it takes to export your public key.
It is possible to export your private key in the same manner, with the “--export-secret-keys” instead of “--export.” This is useful for backup or for transferring it to another computer, as long as you know what you’re doing and you can be sure the new copy will be secure. Make sure you don’t ever accidentally publish your private key! Before you publish a key in ASCII form, check that the first line has the word “PUBLIC,” not “PRIVATE.”
Example of private key import is below:
To sign the key you should type(It is necessary for encryption)
then type
and then choose "ultimate" ownertrust
Set up parameters in w_custom_config.inc
Set the following parameters in w_custom_config.inc