Sunday, May 8, 2016

GnuPG

GnuPG

I recently decided to use GNU Privacy Guard (gnupg, gpg2). This blog summarizes the steps taken.

To avoid exposing keys to risk of interception asymmetric encryption was adopted, in which everybody can know your public key. It is needed to encrypt messages for only you to read. While the private key never needs to be communicated. It is used to decrypt messages meant for you, and to sign messages to assure others you are the sender. A message can be any data, any file, binary or text.

gpg2 -e <file>                   # encrypt for yourself; creates .gpg file
gpg2 -e <file> -r <receiver> # encrypt for someone else
gpg2 -d <file>.gpg               # decript

gpg2 -s <file>                   # sign a file
gpg2 -s -e <file> -r <receiver>  # sign and ecript a file for someone
gpg2 -b <file>                   # create separte signature .asc file
gpg2 -v <file>.asc               # verify authenticity of message

To get to use gpg2 like that you need to create a key pair for you.

Note

A password you will use for some time, but a gpg key pair should accompany you for a long, long time. It is like the key to a flat. If you loose it you loose access to your encrypted data or access to internet services you use, but you also loose the trust associated with your public key.

Opt therefore for a longer and stronger key length (currently 4096 bits) and adopt Debian practice to only use subkeys, which get automatically signed by the primary key (selfsigning), i.e. inherit the trust of the primary key.

To set you up:

  1. generate a primary key (automatically generates an encrypting subkey)
  2. generate a signing subkey
  3. backup the keys
  4. remove the master private key
  5. import the subkeys on other computers
  6. let (the public part of) the primary key be signed

The steps in more detail:

  1. generate a primary key

    gpg2 --full-gen-key

    allows to specify 4096 as key length, which is wanted by debian. gpg2 --gen-key uses the current default of 2048 bits.

    It takes some time to gain entropy needed for the actual creation of the key.

    gpg2 -k

    prints:

    /home/roland/.gnupg/pubring.gpg
-------------------------------
pub   rsa4096/43B86228 2016-04-09
uid         [ultimate] Roland Puntaier (1971) <roland.puntaier@gmail.com>
sub   rsa4096/89E58C2B 2016-04-09

    This

    gpg2 -k --with-colons

    also prints the usage flags: sc (sign certification) for the primary key, and e (encryption) for the sub key:

    tru::1:1460238398:0:3:1:5
pub:u:4096:1:BC9A552643B86228:1460237000:::u:::scESC:::::::
uid:u::::1460237000::67D66F8E5A03CB7F1D67822B723617535D8A3CC9::Roland Puntaier (1971) <roland.puntaier@gmail.com>:::::::::
sub:u:4096:1:39DCC42189E58C2B:1460237000::::::e::::::

     − k stands for --list-keys. It will list also the key IDs of all your contacts, of whom you only have the public key. There is also a --list-secret-keys that lists the key IDs of the keys for which you have the private part, too.

    There was one subkey for encryption automatically generated, but we want to do without the primary key for the daily use. Therefore we need to create a signing subkey.

  2. generate a signing subkey

    gpg2 --edit-key 43B86228

    prints:

    gpg (GnuPG) 2.1.10; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  rsa4096/43B86228
     created: 2016-04-09  expires: never       usage: SC
     trust: ultimate      validity: ultimate
ssb  rsa4096/89E58C2B
     created: 2016-04-09  expires: never       usage: E
[ultimate] (1). Roland Puntaier (1971) <roland.puntaier@gmail.com>

    At the prompt wite:

    addkey

    and choose a signing only RSA 4096 key. Then save and quit:

    save
quit

    Note

    This signing subkey cannot be used to sign other keys, because a subkey is expected to be revoked and replaced after some time.

  3. backup the keys

    1. Back up the primary key separately.

      gpg2 --armor --output my-secret-key.asc  --export-secret-keys roland.puntaier@gmail.com

      You will need it to replace the current subkeys some time in the future, in a few years, or to sign other keys (see further down, and subkeys).

    2. Back up the subkeys without the primary key.

      gpg2 --armor --output my-secret-subkeys.asc --export-secret-subkeys roland.puntaier@gmail.com

      Note

      gpg2 command line parameters containing secret denote both the private and the public part of keys you have created yourself. There is no need to additionally use the non-secret command line parameter. gpg2 output and documentation seems to use private and secret interchangingly.

      This backup can be imported on other devices.

      gpg2 --import /mnt/usb/my-secret-subkeys.asc

      There is no need to backup the whole .gnupg folder. You will revoke your subkeys at some time in the future, and would need to update the backup. gpg also continues to develop: file names in the .gnupg folder might change, but the import feature will still work.

  4. remove the master private key

    The files storing the private key is ~\.gnupg\private-keys-v1.d\<keygrip>.key, where keygrip is shown with --with-keygrip.

    gpg2 -k --with-keygrip

    Remove this file, or alternatively:

    gpg-connect-agent "DELETE_KEY <keygrip>" /bye

    Or yet another way:

    gpg2 --delete-secret-key roland.puntaier@gmail.com
gpg2 --import my-secret-subkeys.asc

  5. let the (public part of) your primary key be signed

    The public key is identified by an ID and or by a fingerprint. The latter you need to provide in order to let your public key signed. The signer will know you in person or will verify your identity via some official document.

    If your public key does not have trust yet you can give the fingerprint to a person on request, e.g. by telephone.

    The command

    gpg2 --fingerprint

    shows:

    /home/roland/.gnupg/pubring.kbx
-------------------------------
pub   rsa4096/43B86228 2016-04-09
      Key fingerprint = F85C B631 327E D8DC D50C  9FD3 BC9A 5526 43B8 6228
uid         [ unknown] Roland Puntaier (1971) <roland.puntaier@gmail.com>
sub   rsa4096/89E58C2B 2016-04-09
sub   rsa4096/0DF70FCE 2016-04-10

    At a signing party participants will verify each other's fingerprint and identity, the latter by inspecting an official document, like a passport or driving license.

    The organizer will probably have provided a link to upload your --fingerprint output. He will print out a list for everyone. The list contains all the fingerprints. In addition bring along a printout of your own and read from this one and let the others check against the list entry.

    Back at home you sign the keys:

    First you need to get the public keys:

    gpg2 --recv-keys <(last 8 or 16 digits of)fingerprint> #keey needs to be on key server
#or
gpg2 --import <text file with public key> #e.g. sent via email

    Then use the backed up primary key via or as in this script modified from here.

    KEYFILE=/mnt/usb1/roland/my-secret-key.asc
tmpdir=$(mktemp -d --tmpdir gpg.XXXXXX)
gpg2 --homedir $tmpdir --import $KEYFILE

gpg2 --homedir $tmpdir --keyring ${GNUPGHOME:-$HOME/.gnupg}/pubring.kbx $@

[ -f $tmpdir/S.gpg-agent ] && gpg-connect-agent --homedir $tmpdir KILLAGENT /bye
rm -rf $tmpdir

    Next upload the signed keys to the keyserver

    gpg2 --send-key <keyid>

    and/or send them via email to the participant of the signing party.

Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)