projectz

Tech, Gadgets, Photography, Social Media and Poor Spelling

Setting up a GPG Key in Ubuntu

16502340-abstract-word-cloud-for-entropy-with-related-tags-and-terms

 

It’s good to know that the file you downloaded came froma trusted source or the email you received is from who it is supposed to be from.. This is done by using keys to encrypt and sign files. Seeing as how this is a free service there’s really no need to not use it.

What is GPG?

GnuPG is the GNU project‘s complete and free implementation of the OpenPGP standard as defined by RFC4880 . GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available. Version 2 of GnuPG also provides support for S/MIME.

What is this post about?

I recently had a need for setting up GPG for my work role, and i’m using Evolution as a mail client there are a few posts i had to use and some troubleshooting so i’ve collated them in a single place..

Key Generation, Graphic User Interface (GUI)

First, you’ll need to make sure you have (or install) the following packages:

  • seahorse

Then proceed with the following:

  1. Launch a Seahorse by hitting Alt & F2 then type seahorse

  2. Click on Key -> Create New Key… (Or, hit Ctrl+N)

  3. Select PGP Key and click on Continue

  4. Enter in the following information:
    Your First and Last Name in the Full Name: field
    Your Email Address in the Email Address: field
    Optional – a comment in the Comment: field
    Click on Advanced Options
    The default options are fine, but you may want to change them
    Click on Create

  5. You will now have to enter you password or passphrase for your PGP key – it’s recommended to use a sentence with a mix of random numbers and mixed capitalization; do not make this easy to guess!

  6. You should now see that your key has been created
    See the column labeled Key ID ? (currently blocked out with the white box..) You will need to reference that number|text string later on in Evolution

  7. Right click on your Key and select Sync and Publish Keys…

  8. Click on Sync and then wait a moment or two

  9. You have now successfully created a PGP key and uploaded it to a public server

  10. See how you can integrate this with Evolution email client

Key Generation, Command Line Interface (CLI)

First, you’ll need to make sure you have (or install) the following packages:

  • gnupg

  • gnupg-agent

Then proceed with the following:

  1. Launch a terminal window by hitting Alt & F2 then type xterm

  2. Enter the following xterm window:
    gpg –gen-key

  3. Then enter (this selects the option, “1- to create a standard DSA/ElGamal key” – this is selected by default) and press Enter

  4. Type in 1024 and then press Enter

  5. Type in 0 and then press Enter

  6. Enter a y and then press Enter

  7. Type in your Real Name, as in your first and last name and press Enter

  8. Type in your email address (this is the email address you will be using your GPG Key with) and press Enter

  9. In the Comment field, you can leave this blank or add other important information, then press Enter

  10. Type 0 (as in Okay) to confirm settings so far and then press Enter

  11. You will now have to type in your Pass Phrase – it’s recommended to use a sentence with a mix of random numbers and mixed capitalization; do not make this easy to guess!
    IMPORTANT: The Pass Phrase is not long enough you will be warned and prompted to enter a new one again

  12. You will have to re-enter your Pass Phrase again to confirm it

  13. Wait for your computer to generate the random bytes needed for they key, this could take a while

Once they Key generation process has finished, proceed with the following:

  1. While in the same xterm, type in the following command:
    gpg –export -a “User Name” > public.key
    Be sure to replace “User Name” with your actual username

  2. Open a nautilus window by hitting Alt & F2 and typing nautilis

  3. Find the file public.key in your home directory

  4. Right click on the file, then left click on Open with “Text Editor”

  5. Press CTRL+A, then CTRL+C
    Or, Edit -> Select All and then Edit -> Copy

  6. Launch a web browser and visit this page, http://pgp.mit.edu

  7. In the box under labeled “Submit a key” – right click in the box and then left click on Paste

  8. Click on the button labeled, Submit this key to the keyserver!

  9. Go back to http://pgp.mit.edu

  10. Type in your First and Last name in the Search String: box

  11. On the results page you are looking for keyID column

Setting up a key in KDE using KGpg

You can access the Key Manager from Keys → Generate Key Pair.

Simply enter your name, Email address and click Ok. This will generate a standard gpg key. If you want more options, you can click on the Expert Mode button, which will bring up a Konsole window with all of gpg’s options.

Many people play around with their first key, generate bad user ids, add comments they later regret or simply forget their passphrase. To avoid such keys to stay valid forever it’s usually a good idea to limit the lifetime to some 12 month. You can modify the lifetime of your secret keys later using the key properties window.

Troubleshooting

You can have issues when generating the keys which the GUI’s provide terrible feedback

The first problem I had was when generating the key, it timed out with the error

Not enough entropy

apt-get install rng-tools

 There is a better way of generating entropy but we need to change the rng files

nano /etc/default/rng-tools

add

HRNGDEVICE=/dev/urandoma

Once installed

/etc/init.d/rng-tools start

Permissions Issues

Running the command

gpg --fingerprint <email address>

states you don’t have the correct permissions

Maybe so happens that root is owning your files now. This can be changed

by:

sudo chown -R <your username? ~/.gnupg

and then as your user (no sudo):

chmod 600 ~/.gnupg/gpg.conf
chmod 700 ~/.gnupg

To check the result:

ls -l ~/.gnupg
ls -ld ~/.gnupg

So once you’ve got the keys sorted how do you configure Evolution?

Launch Evolution

Go to Edit -> Preferences or hit Shift+Ctrl+S

Choose your email account, left click on it once, and then click Edit

Click on the Security tab (found on the far right)

In the PGP/GPG Key ID: box, enter (or paste) your Key ID (sometimes called keyID) – see the steps listed above on where this is located or how you can find your Key ID

Click OK

Click Close

If you want to use your key in any new email, simply click on the Security menu item in your new mail message, and then click on PGP Sign or PGP Encrypt

 

Sources:


Advertisements

2 comments on “Setting up a GPG Key in Ubuntu

  1. jake
    July 6, 2013

    Its appropriate time to make some plans for the future and its time to be happy. I have read this post and if I could I want to suggest you few interesting things or tips. Maybe you can write next articles referring to this article. I want to read more things about it!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: