UHH>Informatik>NatS>Support Web>NatsFAQs>SecurityFAQ>UsingGPG (17 Oct 2012, UnknownUser) Print version

FAQ:

How do I use GPG?

Answer:

This is just to encrypt files for yourself. If you also want to use gpg to send/receive encrypted files/mails, everything becomes more complicated. I agree that is stupid to use an asymmetric encryption algorithm if there is only one party involved, but some people might also want to exchange encrypted files with somebody else. It is possible to encrypt/decrypt files with a symmetric cypher by using gpg -c file_name In this case you do not even need to generate a key pair.

If you encrypt/decrypt too much data, you might get asked to wait until more entropy has been gathered (for random number generation).

The most important command line options:

CommandDescription
gpg --gen-key

Generate your personal pair of keys.

  • Choose DSA and El Gamal. (DSA for signing, El Gamal for encrypting)
  • I recommend 1024 Bit within NATS cluster. (Speed is not that much of an issue, so the advantage of smaller keys is not too big. I do not think that it makes too much sense creating/storing keys > 1024 Bit on a computer within a network.)
  • Choose 0 (key does not expire). Otherwise you have to extend the expiration date before the key becomes invalid.
  • Enter your name, your email address, and some comment
  • Enter a passphrase to protect your secret key
    gpg uses assymetric encryption and thus very long keys. Since it is not feasible to memorize a 1024 bit key, the key must be stored somewhere. To protect it, gpg uses a symmetric encryption algorithm. To make it somewhat more secure, gpg uses a passphrase which can be longer than just a password. IMPORTANT: IF YOU FORGET YOUR PASSPHRASE, YOU CAN NO LONGER DECRYPT YOUR FILES.
  • Now the key pair should be created. You can verify it using
    gpg --list-keys
gpg -e -r <recipient> <file_name> Encrypt only (faster because no need to enter pass phrase!) You still have to delete the original file
gpg <file_name> Decrypt the file

Back to: SecurityFAQ

-- MichaelDaum -- 08 Sep 2003
Support
Warning: Can't find topic Support.WebLeftBarExample

 
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback