GNU Privacy Guard implements public-key encryption based on the OpenPGP protocol. In this Daily Drill Down, you'll learn how to get started with GNU Privacy Guard (abbreviated GnuPG) by using the program's text-mode interface. By the time you've finished working through this step-by-step approach to GnuPG, you'll be ready to take full advantage of all the benefits strong encryption technology can give you, including secure, confidential storage and transmission of sensitive documents, as well as digital signatures that can reveal whether anyone has altered an important file. Specifically, here's what I’ll cover in this Daily Drill Down:
- Choosing a passphrase
- Generating the key pair
- Creating a revocation certificate
- Encrypting files
- Wiping the original file
- Decrypting files
- Encrypting and signing files
- Clear signing files
- Creating a detached signature
- Verifying a signature
- Exporting your public key
- Importing and validating public keys
If you're new to the basic concepts of encryption technology, be sure to read “GNU Privacy Guard brings industrial-strength encryption to Linux systems.” In particular, note that use of GNU Privacy Guard isn't legal in some countries; for more information, see “Using GnuPG Legally.”
Choosing a passphrase
Your first task with GnuPG involves creating your key pair, including the private key that you never divulge to anyone and the public key that you make available to others. Your correspondents use your public key to encrypt messages to you, and you use your private key to decode these messages.
Generating a key pair is a simple process, as you'll see, but you should give some thought to your passphrase before starting. GnuPG's technology won't give you much protection if you choose an easily guessed passphrase.
In brief, a passphrase is a multiword password of unlimited length. A good passphrase consists of several strings separated by spaces. Each of them should contain a mixture of numeric and alphabetical letters. You shouldn't use dictionary words, which are easily guessed by passphrase-cracking programs.
There's a tradeoff involved in coming up with a good passphrase: The worst ones are easy to remember, while the best ones are close to impossible to remember. Bear in mind, too, that you won't be able to access your files if you encrypt them and then forget your passphrase! Ideally, you shouldn't write down your passphrase. In practice, most people will do so, fearing that they'll forget it. If you choose to write down your passphrase, be sure to keep it in a secure place—preferably, in a location separate from that of the computer that's running GnuPG.
Generating a key pair
Once you've chosen a suitable passphrase, you're ready to generate your key pair. Follow these instructions to do so:
- Log on to your ordinary user account and switch to your home directory, if necessary.
- Open a terminal window, type gpg --gen-key, and press [Enter]. You'll see a prompt asking you to select the kind of key you want. You can choose DSA and ElGamal (the default), DSA (sign only), or ElGamal (sign and encrypt). The best choice is the default, so just press [Enter]. (If you choose DSA, you can't use the keys for encryption; if you choose the other option, ElGamal, you'll be using the less efficient public key encryption algorithm for all encryption purposes.)
- Next, you'll be prompted to select a key size. The default option, 1024, is a good tradeoff between CPU demand and security, so just press [Enter].
- You'll now be asked to choose an expiration date. Since you don't want your public key to expire, press [Enter] to accept the default here (0 = key does not expire).
- In the next three steps, you'll create your user ID, which consists of your name, a comment, and your e-mail address. In response to the Real Name prompt, type your first name and last name, then press [Enter].
- In response to the E-mail prompt, type your e-mail address and press [Enter].
- In response to the Comment prompt, enter your nickname or your initials.
- Next, you'll be asked to specify your passphrase. Type your passphrase and press [Enter]. You'll be asked to type it again for confirmation. If you make a mistake when you type the passphrase the second time, you'll be asked to repeat the whole process.
Caution: It's wise to store your private key on a floppy disk or CD rather than your computer's hard drive. You can then take this disk with you when you're away from your computer.
Exporting your key to a keyserver
To make your exported key available to others, you can send the binary version of your key as an e-mail attachment. You can also send the ASCII-armored version of the key within the text of an e-mail message. Additionally, you can export your key to a keyserver, an Internet-based service that maintains a database of public keys. Since keyservers belong to a network that exchanges the new keys that are uploaded, you need do this only once; after you've sent your key to a keyserver, all the keyservers on the same keyserver network will have a copy of your key. Anyone who wishes to send you an encrypted message can do so without first contacting you; they need only visit the keyserver, search for your name, and obtain your key.
GnuPG's --send-key and --keyserver options enable you to upload your keys to a keyserver. To send your key to the keyserver, for example, you’d type gpg --keyserver search.keyserver.net --send-key followed by your user ID; you'll need to be connected to the Internet in order to use this command. See the keyserver for the latest information on OpenPGP-compatible keyservers.
Creating a revocation certificate
After you've successfully generated your key pair, you should create a revocation certificate. Signed with your digital signature, this certificate can be used to warn your correspondents that your private key has been compromised.
To create your revocation certificate, type the following and press [Enter]:
gpg --output revoke.asc --gen-revoke userID
(For userID, type any part of your user ID that will identify your key pair.) This command writes a revocation certificate to the file revoke.asc, which is located in the working directory. The GnuPG documentation recommends that you print the certificate, store the certificate in a secure location, and delete the file. Otherwise, an intruder could render your private key useless by obtaining and publishing your certificate. (The revocation certificate isn’t very long, so you won’t have a tough time copying from hard copy, should the need ever arise.)
Encrypting files
To encrypt files with GnuPG, remember that you're using a public key encryption program—you're encrypting with the intended recipient's public key. If you're encrypting files on your own system and intending to decrypt them yourself, you need to encrypt them using your public key. If you encrypt the files with someone else's public key, you won't be able to decrypt them, unless you have that person's private key!
To encrypt a file so that you can decrypt it later using your private key, do the following:
- At the Linux prompt, type gpg --encrypt followed by the name of the file you want to encrypt, then press [Enter]. You'll see a prompt asking you to identify the recipient.
- Type any part of your user ID (your first or last name, your e-mail address, or your comment) and press [Enter].
GnuPG encrypts the file and writes the output to a new file with the .gpg suffix.
Wiping the original file
There's not much point in encrypting a file on your local system if you leave the original file intact—and that's just what GnuPG does. What's more, it's not sufficient to delete the file using ordinary file-deletion techniques, such as the rm command; a knowledgeable intruder can easily restore deleted files. Using a technique known as Magnetic Force Microscopy (MFM), an intruder can even recover data that has been overwritten two or three times.
For better security, you should erase the original file using a file-wiping utility, such as Wipe. Be aware, however, that utilities such as Wipe have known (and unknown) imperfections that may leave traces of the original data intact, especially on SCSI drives. Don't use Wipe to safeguard your nation's military secrets; here, we're talking about keeping your data safe from snoops, such as employees who are hoping to find something of value to sell to a competitor. You can use GnuPG and Wipe to keep confidential data out of the hands of minor-league intruders, but Wipe might not protect you from a well-funded, professional investigation.
Once you've downloaded and installed Wipe, it's easy to use. Just type wipe followed by the name of the file you want to delete, then press [Enter].
Decrypting, encrypting, and signing files
To decrypt a file, use the --decrypt option, as in the following example:
gpg --output output-file --decrypt input-file.gpg
This command decrypts the file specified by input-file and writes the file to output-file. You'll be prompted to enter your private key password. When you've entered the password successfully, GnuPG decrypts the file and writes to the output file you specified.
If you're encrypting a file for a recipient other than yourself, consider signing it as well as encrypting it. When you sign a file, the file contains your digital signature. It also contains a timestamp indicating when the file was signed. In addition, the recipient can use your signature to verify that the file has not been tampered with since you signed it. To verify your signature, the recipient will need your public key, so be sure to send this along with the document.
To sign as well as encrypt a file for a recipient other than yourself, do the following:
1. Type gpg --output output-file.gpg --sign input-file, where output-file.gpg is the name of the signed file and input-file is the name of the source document. Press [Enter] to sign the file. You'll be prompted to enter the passphrase for your private key. This key is used to create the digital signature.
2. Type any uniquely identifying part of your user ID (first name, last name, e-mail address, or comment) and press [Enter].
3. Now encrypt the file you just signed, the one with the .gpg suffix. To do so, type gpg --encrypt followed by the name of the signed file (output-file.gpg, from step 1). You'll be prompted to enter the user ID of the recipient.
4. Type any uniquely identifying part of the recipient's user ID and press [Enter].
GnuPG creates the signed and encrypted file with the .gpg suffix.
Clearsigning files and creating a detached signature
You can sign files without encrypting them. Although the file can be read by anyone, your signature attests that the file is really from you—and what's more, the recipient can apply your public key to the file to determine whether it has been altered in any way. Signing a file without encryption is called clearsigning.
To clearsign a file, type gpg --clearsign followed by the name of the file, then press [Enter]. GnuPG will create a new file with the .asc suffix.
If you examine a clearsigned file, you'll see that it has been enclosed in an ASCII "wrapper," which includes an ASCII version of your digital signature. Your recipient won't be able to use the file without removing this information. To make life easier for your recipients, you can use a detached signature. A detached signature provides the same function as a clearsign signature; it attests that you are indeed the file's sender, and it enables the recipient to verify that the file hasn’t been altered since you signed it. However, the signature, timestamp, and verification information is stored in a separate file.
To create a detached signature for a file, first type gpg --output filename.sig --detach-sig filename, where filename is the name of the file you want to sign. Then, press [Enter]. For example, to create a detached signature for proposal.doc, you’d type gpg --output proposal.sig --detach-sig proposal.doc.
Verifying a signature
If you receive a file that has been digitally signed, you can verify it by using the --verify option. To verify an encrypted file that incorporates the signature, you must first decrypt it; verification is automatic.
To verify a clearsigned file that incorporates the signature, type gpg --verify followed by the name of the file. If you're verifying a clearsigned file called proposal.doc, type gpg --verify proposal.doc.
If the document was signed with a detached signature, you must supply the name of the signature file as well as the name of the document. For example, suppose you've received budget.doc and the signature is in a file named budget.sig. To verify the signature, type gpg --verify budget.sig budget.doc.
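As an added example (not part of the original article), the shell functions below show how a script can act on a gpg --verify result: they read gpg's machine-readable --status-fd lines and accept a signature only when it is valid and was made by the fingerprint you expect. The function names, the sample status lines, and the fingerprint are constructed for illustration.

```shell
#!/bin/sh
# Added example: turn gpg's machine-readable status lines into one verdict,
# and require that a valid signature comes from the fingerprint you expect.

# classify_status EXPECTED_FPR  (status lines on stdin, verdict on stdout)
#   good          valid signature made by EXPECTED_FPR
#   wrong-signer  valid signature, but made by some other key
#   bad           signature does not match the data (file was altered)
#   no-key        the signer's public key is not in your keyring
#   unverified    no signature result at all (for example, unsigned input)
classify_status() {
    awk -v want="$1" '
        $1 != "[GNUPG:]"  { next }
        $2 == "BADSIG"    { bad = 1 }
        $2 == "NO_PUBKEY" { nokey = 1 }
        $2 == "VALIDSIG"  {
            # $3 is the signing key fingerprint; the last field, when
            # present, is the primary key fingerprint. Appending ""
            # forces string comparison even for all-digit fingerprints.
            if (($3 "") == (want "") || ($NF "") == (want "")) good = 1
            else other = 1
        }
        END {
            if (bad)        print "bad"
            else if (good)  print "good"
            else if (other) print "wrong-signer"
            else if (nokey) print "no-key"
            else            print "unverified"
        }'
}

# verify_detached EXPECTED_FPR SIGFILE DOCFILE  (hypothetical wrapper, runs gpg)
verify_detached() {
    verdict=$(gpg --batch --status-fd 1 --verify "$2" "$3" 2>/dev/null |
              classify_status "$1")
    printf '%s\n' "$verdict"
    [ "$verdict" = good ]
}

# Constructed status output for a signature by a made-up key.
SAMPLE_GOOD='[GNUPG:] GOODSIG 89ABCDEF01234567 Bryan (constructed) <bryan@example.org>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2000-06-01 959817600 0 4 0 17 2 00 0123456789ABCDEF0123456789ABCDEF01234567'
# Constructed status output for the same file after it was modified.
SAMPLE_BAD='[GNUPG:] BADSIG 89ABCDEF01234567 Bryan (constructed) <bryan@example.org>'

# check SAMPLE EXPECTED_FPR: run the classifier over one constructed sample.
check() { printf '%s\n' "$1" | classify_status "$2"; }

check "$SAMPLE_GOOD" 0123456789ABCDEF0123456789ABCDEF01234567
check "$SAMPLE_BAD"  0123456789ABCDEF0123456789ABCDEF01234567
```

With real files, a call such as verify_detached followed by the expected fingerprint, budget.sig and budget.doc returns success only for the "good" verdict.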
Exporting, importing, and validating your public key
To exchange encrypted and digitally signed documents with other GnuPG users, you’ll need to export your public keys to a disk file that you can exchange with others. You can export your public key to a binary file or an ASCII-armored file, as I’ll explain.
To export your public key to a binary file, type gpg --output filename.gpg --export user-ID, where filename is the name of the public key file you're creating and user-ID is any uniquely identifying part of your user ID. To export my user ID, I type gpg --output bryan.gpg --export Bryan. This command creates a file containing the public key in binary format.
If you’d like to include your public key in e-mail messages, you’ll need to create an ASCII version of your public key. To do so, use the --armor option, as in
gpg --armor --output bryan-asc.gpg --export Bryan
This command creates an ASCII version of my public key and saves the output in the file named bryan-asc.gpg.
If you’ve received a public key from a correspondent, you need to import the key before GnuPG can use it. To import the key, type gpg --import followed by the name of the binary or ASCII-armored file that contains the key.
Before you use someone's public key, you should first make sure it is valid. To do so, you should read the key's fingerprint, an identifying code. You can access a public key's fingerprint by doing the following:
1. Type gpg --edit-key followed by the public key owner's user ID, then press [Enter]. You'll see information about the key and a GnuPG command prompt.
2. Type fpr and press [Enter]. You'll see the fingerprint code for this key. Don't exit the GnuPG command mode yet; in step 4, you'll sign the key.
3. Call the person who sent you the key, read the fingerprint, and ask this person whether the fingerprint is valid. The fingerprint code should be exactly the same as the one displayed on your correspondent's screen.
4. If you’re satisfied that the public key is valid, you can sign the key. (You can still use the key even if you don't sign it.) To do so, type sign at the GnuPG command prompt. Caution: By attaching your signature to this person's key, you’re attesting that it’s valid. Don't do this unless you’ve verified the fingerprint, as described in step 3.
5. You should now define the key's trust level, a number from 1 to 4 that expresses your confidence that the key is indeed a valid one that originated from the stated owner. The trust level you assign is for your purposes only; trust information isn't exported or accessible to others. To assign a trust level to the key, type trust at the GnuPG command prompt and press [Enter]. You'll be asked to indicate the trust level (1 = Don't know, 2 = I do NOT trust, 3 = I trust marginally, 4 = I trust fully). If you followed the instructions in step 3, you can type 4 and press [Enter]. If you skipped step 3 and didn't sign the key, type 1 and press [Enter].
6. Type quit to exit the GnuPG command mode.
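The fingerprint comparison in the steps above can be made exact rather than done by eye. This added example (not from the original article) reads the fingerprint from gpg's colon-separated listing, used here as a scriptable alternative to the fpr command, and compares it with the value the key's owner reads to you, ignoring spacing and letter case. The function names and the sample key are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare the fingerprint gpg reports for an imported key
# with the one its owner reads to you, before you sign the key.

# primary_fpr: reads `gpg --with-colons --fingerprint` output on stdin and
# prints field 10 of the first "fpr" record (the primary key fingerprint).
primary_fpr() {
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# normalize_fpr TEXT: drop spaces, tabs and colons, uppercase the rest, and
# succeed only for a full 40-hex-digit fingerprint (a key ID is too short).
normalize_fpr() {
    f=$(printf '%s' "$1" | tr -d ' :\t' | tr 'a-f' 'A-F')
    case "$f" in
        ''|*[!0-9A-F]*) return 1 ;;
    esac
    [ "${#f}" -eq 40 ] || return 1
    printf '%s\n' "$f"
}

# fpr_matches KEYRING_FPR SPOKEN_FPR
# returns 0 = same key, 1 = different, 2 = one input is not a fingerprint
fpr_matches() {
    a=$(normalize_fpr "$1") || return 2
    b=$(normalize_fpr "$2") || return 2
    [ "$a" = "$b" ]
}

# keyring_fpr USERID  (hypothetical wrapper, runs gpg on your keyring)
keyring_fpr() {
    gpg --batch --with-colons --fingerprint "$1" | primary_fpr
}

# Constructed listing for a made-up key, in gpg's colon-separated format.
sample_listing() {
cat <<'EOF'
pub:-:1024:17:89ABCDEF01234567:959817600:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::959817600::::Bryan (constructed) <bryan@example.org>:
EOF
}

# What the owner reads over the phone, grouped the way gpg displays it.
SPOKEN='0123 4567 89ab cdef 0123  4567 89ab cdef 0123 4567'

if fpr_matches "$(sample_listing | primary_fpr)" "$SPOKEN"; then
    echo "fingerprints match"
else
    echo "fingerprints differ: do not sign this key"
fi
```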
In this Daily Drill Down, you've learned all the basics of using GNU Privacy Guard. You've generated your key pair, encrypted and signed documents, and managed public keys.
With GnuPG-compatible utilities, you can make GnuPG easier (and more fun) to use. If you're running KDE, you'll want to download Geheimnis, a well-conceived front-end program that works with recent versions of PGP as well as GNU Privacy Guard; GNOME users should take a look at GnomePGP. Both of these utilities simplify key-management tasks and enable drag-and-drop for point-and-click encryption, decryption, digital signing, and document verification.
What's missing from the GNU Privacy Guard picture? To use GnuPG conveniently with e-mail, you need a GnuPG-compatible e-mail program. Unfortunately, they're scarce; for the latest information on compatible software, see the GnuPG home page. Scripts and patches for the Emacs and pine e-mail utilities are available now, but there's a dearth of GnuPG support for GUI-based mail packages. Here's the good news: Such support is indeed on the way. For example, KDE users will be able to use GNU Privacy Guard transparently within the KMail utility. In the GTK+/GNOME world, the Archimedes project is once again under way.
Bryan Pfaffenberger, a UNIX user since 1985, is a University of Virginia professor, an author, and a passionate advocate of Linux and open source software. A Linux Journal columnist, his recent Linux-related books include Linux Clearly Explained (Morgan-Kaufmann) and Mastering Gnome (Sybex; in press). His hobbies include messing around with his home LAN and sailing the southern Chesapeake Bay. He lives in Charlottesville, VA. If you’d like to contact Bryan, send him an e-mail.