pgp.rst
author Oleksandr Gavenko <gavenkoa@gmail.com>
Mon, 30 Nov 2015 23:05:32 +0200
changeset 1797 912e278e4896
parent 1796 c15cf5f1132c
child 1905 fba288d59662
permissions -rw-r--r--
Making revocation certificate.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1792
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
     1
.. -*- coding: utf-8; -*-
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
     2
.. include:: HEADER.rst
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
     3
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
     4
==========
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
     5
 PGP/GPG.
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
     6
==========
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
     7
.. contents::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
     8
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
     9
What preffered client?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    10
======================
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    11
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    12
GNU gpg.
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    13
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    14
How import keys from key-server?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    15
================================
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    16
::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    17
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    18
  $  gpg --keyserver pgp.mit.edu --recv-keys $KEYID
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    19
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    20
How mark key as trusted?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    21
========================
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    22
::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    23
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    24
  $ gpg --edit-key $KEYID trust
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    25
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    26
How export key?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    27
===============
1796
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    28
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    29
Export public key in binary (OpenGPG) form::
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    30
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    31
  $ gpg --export $KEYID >$PUBKEY.asc
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    32
  $ gpg --output $PUBKEY.asc --export $KEYID
1792
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    33
1796
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    34
Export public key in text form::
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    35
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    36
  $ gpg -a --export $KEYID >$PUBKEY.asc
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    37
  $ gpg --armor --export $KEYID >$PUBKEY.asc
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    38
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    39
Export private key (it still encrypted by pass-phrase)::
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    40
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    41
  $ gpg --output $PRIVKEY.gpg --export-secret-key $KEYID
1792
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    42
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    43
How create own PGP key?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    44
=======================
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    45
::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    46
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    47
  $ gpg --gen-key   # answer the question
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    48
  ...
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    49
  $ gpg -o $keyfile --export-secret-keys $NAME
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    50
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    51
How import keys from file?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    52
==========================
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    53
::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    54
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    55
  $ gpg --import $keyfile
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    56
1796
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    57
How to get public key from private without importing to local storage?
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    58
======================================================================
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    59
::
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    60
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    61
  tmp=$(mktemp -d)
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    62
  gpg --homedir $tmp --import $SECKEY
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    63
  gpg --homedir $tmp --export $ID > $PUBKEY
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    64
  rm -rf $tmp
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    65
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    66
..
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    67
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    68
  http://stackoverflow.com/questions/7661500/how-to-get-public-key-from-private-in-gpg-without-using-local-storage-under
c15cf5f1132c How to get public key from private without importing to local storage?
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1792
diff changeset
    69
1792
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    70
How submit public key to key server?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    71
====================================
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    72
::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    73
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    74
  $ gpg --keyserver pgp.mit.edu --send-key $KEYID
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    75
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    76
What keys in local db?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    77
======================
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    78
::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    79
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    80
  $ gpg --list-keys
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    81
  $ gpg --list-keys $KEYID
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    82
  $ gpg --list-keys $EMAIL
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    83
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    84
  $ gpg --list-secret-keys
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    85
1797
912e278e4896 Making revocation certificate.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1796
diff changeset
    86
Making revocation certificate.
912e278e4896 Making revocation certificate.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1796
diff changeset
    87
==============================
912e278e4896 Making revocation certificate.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1796
diff changeset
    88
::
912e278e4896 Making revocation certificate.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1796
diff changeset
    89
912e278e4896 Making revocation certificate.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1796
diff changeset
    90
  $ gpg --armor --output $KEYID.rev --gen-revoke $KEYID
912e278e4896 Making revocation certificate.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents: 1796
diff changeset
    91
1792
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    92
How delete key?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    93
===============
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    94
::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    95
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    96
  $ gpg --delete-key $KEYID
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    97
  $ gpg --delete-key $USER
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    98
  $ gpg --delete-key $EMAIL
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
    99
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   100
  $ gpg --delete-secret-key $KEYID
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   101
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   102
Dump content of key or signture.
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   103
================================
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   104
::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   105
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   106
  $ gpg --list-packets $FILE.sig
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   107
  $ gpg --list-packets $FILE.key
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   108
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   109
  $ sudo apt-get install pgpdump
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   110
  $ pgpdump $FILE.sig
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   111
  $ pgpdump $FILE.key
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   112
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   113
How sign file?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   114
==============
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   115
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   116
To sign with first key::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   117
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   118
  $ gpg -o $file.sig --sign $file
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   119
  $ gpg --default-key $NAME -o $file.sig --sign $file
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   120
  $ gpg -u ${USER_NAME} -o $file.sig --sign $file
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   121
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   122
How verify signature?
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   123
=====================
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   124
::
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   125
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   126
  $ gpg --verify $file.sig
76efdcf0aa3e Dump content of key or signture.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
diff changeset
   127