I recently decided to use GNU Privacy Guard (gnupg, gpg2). This blog summarizes the steps taken.
To avoid exposing keys to risk of interception asymmetric encryption was adopted, in which everybody can know your public key. It is needed to encrypt messages for only you to read. While the private key never needs to be communicated. It is used to decrypt messages meant for you, and to sign messages to assure others you are the sender. A message can be any data, any file, binary or text.
gpg2 -e <file> # encrypt for yourself; creates .gpg file gpg2 -e <file> -r <receiver> # encrypt for someone else gpg2 -d <file>.gpg # decript gpg2 -s <file> # sign a file gpg2 -s -e <file> -r <receiver> # sign and ecript a file for someone gpg2 -b <file> # create separte signature .asc file gpg2 -v <file>.asc # verify authenticity of message
To get to use gpg2 like that you need to create a key pair for you.
Note
A password you will use for some time, but a gpg key pair should accompany you for a long, long time. It is like the key to a flat. If you loose it you loose access to your encrypted data or access to internet services you use, but you also loose the trust associated with your public key.
Opt therefore for a longer and stronger key length (currently 4096 bits) and adopt Debian practice to only use subkeys, which get automatically signed by the primary key (selfsigning), i.e. inherit the trust of the primary key.
To set you up:
- generate a primary key (automatically generates an encrypting subkey)
- generate a signing subkey
- backup the keys
- remove the master private key
- import the subkeys on other computers
- let (the public part of) the primary key be signed
The steps in more detail:
generate a primary key
gpg2 --full-gen-key
allows to specify 4096 as key length, which is wanted by debian. gpg2 --gen-key uses the current default of 2048 bits.
It takes some time to gain entropy needed for the actual creation of the key.
gpg2 -k
prints:
/home/roland/.gnupg/pubring.gpg ------------------------------- pub rsa4096/43B86228 2016-04-09 uid [ultimate] Roland Puntaier (1971) <roland.puntaier@gmail.com> sub rsa4096/89E58C2B 2016-04-09
This
gpg2 -k --with-colons
also prints the usage flags: sc (sign certification) for the primary key, and e (encryption) for the sub key:
tru::1:1460238398:0:3:1:5 pub:u:4096:1:BC9A552643B86228:1460237000:::u:::scESC::::::: uid:u::::1460237000::67D66F8E5A03CB7F1D67822B723617535D8A3CC9::Roland Puntaier (1971) <roland.puntaier@gmail.com>::::::::: sub:u:4096:1:39DCC42189E58C2B:1460237000::::::e::::::
− k stands for --list-keys. It will list also the key IDs of all your contacts, of whom you only have the public key. There is also a --list-secret-keys that lists the key IDs of the keys for which you have the private part, too.
There was one subkey for encryption automatically generated, but we want to do without the primary key for the daily use. Therefore we need to create a signing subkey.
generate a signing subkey
gpg2 --edit-key 43B86228
prints:
gpg (GnuPG) 2.1.10; Copyright (C) 2015 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Secret key is available. sec rsa4096/43B86228 created: 2016-04-09 expires: never usage: SC trust: ultimate validity: ultimate ssb rsa4096/89E58C2B created: 2016-04-09 expires: never usage: E [ultimate] (1). Roland Puntaier (1971) <roland.puntaier@gmail.com>
At the prompt wite:
addkey
and choose a signing only RSA 4096 key. Then save and quit:
save quit
Note
This signing subkey cannot be used to sign other keys, because a subkey is expected to be revoked and replaced after some time.
backup the keys
Back up the primary key separately.
gpg2 --armor --output my-secret-key.asc --export-secret-keys roland.puntaier@gmail.com
You will need it to replace the current subkeys some time in the future, in a few years, or to sign other keys (see further down, and subkeys).
Back up the subkeys without the primary key.
gpg2 --armor --output my-secret-subkeys.asc --export-secret-subkeys roland.puntaier@gmail.com
Note
gpg2 command line parameters containing secret denote both the private and the public part of keys you have created yourself. There is no need to additionally use the non-secret command line parameter. gpg2 output and documentation seems to use private and secret interchangingly.
This backup can be imported on other devices.
gpg2 --import /mnt/usb/my-secret-subkeys.asc
There is no need to backup the whole .gnupg folder. You will revoke your subkeys at some time in the future, and would need to update the backup. gpg also continues to develop: file names in the .gnupg folder might change, but the import feature will still work.
remove the master private key
The files storing the private key is ~\.gnupg\private-keys-v1.d\<keygrip>.key, where keygrip is shown with --with-keygrip.
gpg2 -k --with-keygrip
Remove this file, or alternatively:
gpg-connect-agent "DELETE_KEY <keygrip>" /bye
Or yet another way:
gpg2 --delete-secret-key roland.puntaier@gmail.com gpg2 --import my-secret-subkeys.asc
let the (public part of) your primary key be signed
The public key is identified by an ID and or by a fingerprint. The latter you need to provide in order to let your public key signed. The signer will know you in person or will verify your identity via some official document.
If your public key does not have trust yet you can give the fingerprint to a person on request, e.g. by telephone.
The command
gpg2 --fingerprint
shows:
/home/roland/.gnupg/pubring.kbx ------------------------------- pub rsa4096/43B86228 2016-04-09 Key fingerprint = F85C B631 327E D8DC D50C 9FD3 BC9A 5526 43B8 6228 uid [ unknown] Roland Puntaier (1971) <roland.puntaier@gmail.com> sub rsa4096/89E58C2B 2016-04-09 sub rsa4096/0DF70FCE 2016-04-10
At a signing party participants will verify each other's fingerprint and identity, the latter by inspecting an official document, like a passport or driving license.
The organizer will probably have provided a link to upload your --fingerprint output. He will print out a list for everyone. The list contains all the fingerprints. In addition bring along a printout of your own and read from this one and let the others check against the list entry.
Back at home you sign the keys:
First you need to get the public keys:
gpg2 --recv-keys <(last 8 or 16 digits of)fingerprint> #keey needs to be on key server #or gpg2 --import <text file with public key> #e.g. sent via email
Then use the backed up primary key via or as in this script modified from here.
KEYFILE=/mnt/usb1/roland/my-secret-key.asc tmpdir=$(mktemp -d --tmpdir gpg.XXXXXX) gpg2 --homedir $tmpdir --import $KEYFILE gpg2 --homedir $tmpdir --keyring ${GNUPGHOME:-$HOME/.gnupg}/pubring.kbx $@ [ -f $tmpdir/S.gpg-agent ] && gpg-connect-agent --homedir $tmpdir KILLAGENT /bye rm -rf $tmpdir
Next upload the signed keys to the keyserver
gpg2 --send-key <keyid>
and/or send them via email to the participant of the signing party.
No comments:
Post a Comment