GNU gpg is an encryption and signing tool. The GNU Privacy Guard (GnuPG or GPG) is a free software replacement for the PGP suite of cryptographic software. GnuPG encrypts messages using asymmetric keypairs individually generated by GnuPG users. The resulting public keys can be exchanged with other users in a variety of ways, such as Internet key servers. They must always be exchanged carefully to prevent identity spoofing by corrupting public key ↔ ‘owner’ identity correspondences. It is also possible to add a cryptographic digital signature to a message, so the message integrity and sender can be verified, if a particular correspondence relied upon has not been corrupted.
How do I create my own GnuPG private and public key?
- Log in to your shell account.
- Use the gpg command to create the keys:
$ gpg --gen-key
gpg (GnuPG) 1.4.1; Copyright (C) 2005 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
gpg: directory `/home/sheron/.gnupg' created
gpg: new configuration file `/home/sheron/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/sheron/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/sheron/.gnupg/secring.gpg' created
gpg: keyring `/home/sheron/.gnupg/pubring.gpg' created
Please select what kind of key you want:
   (1) DSA and Elgamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)
Your selection? Press [Enter] Key
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) Press [Enter] Key
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) Press [Enter] Key
Key does not expire at all
Is this correct? (y/N) y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: sheron
Email address: email@example.com
Comment:[Enter] key
You selected this USER-ID:
    "sheron"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.
Enter passphrase: [Enter password twice]
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.+++++....+++++++++++++++..++++++++++..++++++++++...++++++++++++++++++++.+++++++++++++++++++++++++++++++++++.+++++..++++++++++++++++++++.++++++++++..+++++.+++++.+++++>+++++....+++++>.+++++...................................................................+++++^^^^^^^^^^^
gpg: /home/sheron/.gnupg/trustdb.gpg: trustdb created
gpg: key 8E19F126 marked as ultimately trusted
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 1024D/8E19F126 2007-02-10
Key fingerprint = A7AF E25D 3E8D 6946 37CC 8CCE 12C4 8DC1 8E19 F126
uid sheron
sub 2048g/032824B9 2007-02-10
- Now that the keys are generated, you can list your own key using:
$ gpg --list-keys
/home/sheron/.gnupg/pubring.gpg
------------------------------
pub 1024D/CA7A8402 2007-02-10
uid sheron
sub 2048g/0A7B4F93 2007-02-10
- To list the secret key, type the command:
$ gpg -K
Let us try to understand the line pub 1024D/CA7A8402 2007-02-10:
pub : Public key
1024D : The number of bits in the key
CA7A8402 : The key ID
2007-02-10 : The date of key creation
sheron : The user's real name
<firstname.lastname@example.org> : The email ID
The most important part is the key ID, i.e. CA7A8402.
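The field breakdown above can be applied mechanically. The following is an added example, not part of the original page: a shell function that splits each key line of a GnuPG 1.4-style listing into its fields, covering sub, sec and ssb lines as well as pub. The function names are hypothetical, the sample input is the listing shown on this page, and the algorithm names for the letters D, g and R are GnuPG's convention rather than something the page states.

```shell
#!/bin/sh
# Added example: split GnuPG 1.4-style listing lines into named fields.
# Reads a listing on stdin and prints one line per key record:
#   record=<pub|sub|sec|ssb> bits=<n> algo=<name> keyid=<hex> created=<date>
parse_gpg_listing() {
    awk '
    $1 ~ /^(pub|sub|sec|ssb)$/ && $2 ~ /^[0-9]+[A-Za-z]\/[0-9A-Fa-f]+$/ {
        split($2, part, "/")                      # "1024D" and "CA7A8402"
        bits = part[1]; sub(/[A-Za-z]$/, "", bits) # strip the algorithm letter
        letter = substr(part[1], length(part[1]), 1)
        if      (letter == "D") algo = "DSA"
        else if (letter == "g") algo = "Elgamal"
        else if (letter == "R") algo = "RSA"
        else                    algo = "unknown(" letter ")"
        printf "record=%s bits=%s algo=%s keyid=%s created=%s\n",
               $1, bits, algo, part[2], $3
    }'
}

# Print only the key ID of the first primary public key in the listing.
primary_keyid() {
    parse_gpg_listing | sed -n 's/^record=pub .*keyid=\([^ ]*\) .*/\1/p' | sed -n 1p
}

# Constructed sample input: the --list-keys output shown on this page.
sample_listing() {
    cat <<'EOF'
/home/sheron/.gnupg/pubring.gpg
------------------------------
pub 1024D/CA7A8402 2007-02-10
uid sheron
sub 2048g/0A7B4F93 2007-02-10
EOF
}

sample_listing | parse_gpg_listing
```

Lines that are not key records (the keyring path, the separator, uid lines) are skipped, so real `gpg --list-keys` output can be piped in directly.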
Make sure you use a strong passphrase to protect your keys, not an easy one.
$ gpg --list-secret-keys
/home/sheron/.gnupg/secring.gpg
------------------------------
sec 1024D/CA7A8402 2007-02-10
uid sheron
ssb 2048g/0A7B4F93 2007-02-10