====== GPG ======
===== Generating my key-pair: =====
jonl@P04073:~$ gpg --gen-key
gpg (GnuPG) 1.4.6; Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0) 2y
Key expires at Wed 23 Feb 2011 04:23:10 PM CET
Is this correct? (y/N) y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) "
Real name: Jon Langseth
Email address: jon.langseth@hig.no
Comment:
You selected this USER-ID:
"Jon Langseth "
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++.+++++++++++++++++++++++++.++++++++++++++++++++.++++++++++.++++++++++++++++++++++++++++++++++++++++++++++++++.+++++.+++++++++++++++.......+++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.++++++++++.+++++..+++++.+++++.+++++.+++++....+++++.....++++++++++..+++++++++++++++....++++++++++.++++++++++++++++++++...++++++++++.++++++++++...++++++++++++++++++++.+++++..+++++++++++++++.+++++.+++++>.+++++.+++++..++++++++++..+++++..+++++..++++++++++++++++++++>..+++++>+++++....................>..+++++................<+++++...............>+++++>...+++++<+++++.....<...+++++..........>.+++++..............>+++++<.+++++...........................+++++^^^
gpg: key 580CA477 marked as ultimately trusted
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2011-02-23
pub 1024D/580CA477 2009-02-23 [expires: 2011-02-23]
Key fingerprint = 7A73 E894 7DEA 42E4 E860 A12F 6935 2E53 580C A477
uid Jon Langseth
sub 4096g/4853D37B 2009-02-23 [expires: 2011-02-23]
===== Reviewing keys =====
jonl@P04073:~$ gpg --list-keys
/home/jonl/.gnupg/pubring.gpg
-----------------------------
pub 1024D/580CA477 2009-02-23 [expires: 2011-02-23]
uid Jon Langseth
sub 4096g/4853D37B 2009-02-23 [expires: 2011-02-23]
jonl@P04073:~$ gpg --list-sigs
/home/jonl/.gnupg/pubring.gpg
-----------------------------
pub 1024D/580CA477 2009-02-23 [expires: 2011-02-23]
uid Jon Langseth
sig 3 580CA477 2009-02-23 Jon Langseth
sub 4096g/4853D37B 2009-02-23 [expires: 2011-02-23]
sig 580CA477 2009-02-23 Jon Langseth
===== Submitting key: =====
jonl@P04073:~$ gpg --keyserver hkp://pgp.surfnet.nl --send-keys 580CA477
gpg: sending key 580CA477 to hkp server pgp.surfnet.nl
jonl@P04073:~$ gpg --keyserver hkp://pgp.surfnet.nl --search-keys 'jon.langseth@hig.no'
gpg: searching for "jon.langseth@hig.no" from hkp server pgp.surfnet.nl
(1) Jon Langseth
1024 bit DSA key 580CA477, created: 2009-02-23
(2) Jon Langseth
1024 bit DSA key 9488018A, created: 2008-02-05 (revoked)
Keys 1-2 of 2 for "jon.langseth@hig.no". Enter number(s), N)ext, or Q)uit > q
===== Getting pubkeys into keyring: =====
The search-way:
jonl@P04073:~$ gpg --keyserver hkp://pgp.surfnet.nl --search-keys 'john.johannessen'
gpg: searching for "john.johannessen" from hkp server pgp.surfnet.nl
(1) John Johannessen
John Johannessen
1024 bit DSA key 6DB33A8B, created: 2007-06-11
(2) John Johannessen
John Johannessen
1024 bit DSA key E547B980, created: 2006-04-03
(3) John Johannessen
John Johannessen
John Johannessen
John Johannesen
1024 bit DSA key 1DE8F76E, created: 2001-03-10
(4) John Johannessen
1024 bit DSA key 1E8D6466, created: 2000-08-25
(5) John Johannessen
1024 bit DSA key 60664FE8, created: 1999-10-08
(6) John Johannessen
1024 bit DSA key 96DE30B7, created: 1999-10-07
(7) John Johannessen
1024 bit DSA key 1748ACC6, created: 1999-03-03
(8) John Johannessen
1024 bit DSA key 7F719785, created: 1999-03-03
(9) John Johannessen
1024 bit DSA key FB13B331, created: 1998-01-11
Keys 1-9 of 9 for "john.johannessen". Enter number(s), N)ext, or Q)uit > 1
gpg: requesting key 6DB33A8B from hkp server pgp.surfnet.nl
gpg: key 6DB33A8B: public key "John Johannessen " imported
gpg: Total number processed: 1
gpg: imported: 1
The 'already searched' way:
fishy@filez:~$ gpg --recv-keys E547B980
gpg: requesting key E547B980 from hkp server subkeys.pgp.net
gpg: key E547B980: public key "John Johannessen " imported
gpg: Total number processed: 1
gpg: imported: 1
===== Encrypting/decrypting local file: =====
#!/bin/bash
GPGID="jon.langseth@hig.no"
FILEPLAIN="list.dat"
FILECRYPT="$FILEPLAIN.gpg"
GPG="/usr/bin/gpg"
RM="/bin/rm"
VI="vim"
echo $1
if [ -n $1 ]; then
if [ "$1" = "view" ]; then
umask 0077; $GPG --decrypt $FILECRYPT | less
elif [ "$1" = "edit" ]; then
umask 0077;
$GPG --output $FILEPLAIN --decrypt $FILECRYPT
$VI $FILEPLAIN
umask 0077;
$GPG --encrypt --recipient $GPGID $FILEPLAIN
$RM $FILEPLAIN
else
echo ""
echo "usage:"
echo ""
echo "* view -- to see $FILEPLAIN"
echo "* edit -- to edit $FILEPLAIN"
echo ""
fi
fi