Difference between revisions of "Protecting passwords with gpg"
From dbawiki
(Created page with "==Gnu Privacy Guard== ===Generate a private/public key pair=== <pre> gpg --gen-key </pre> ===(Optional) Keyserver Registration=== To enable someone to retrieve your public key...") |
(→Gnu Privacy Guard) |
||
| Line 10: | Line 10: | ||
gpg --fingerprint <your name used in generation above> | gpg --fingerprint <your name used in generation above> | ||
</pre> | </pre> | ||
| − | id is | + | id is the hex digit string after the / on the line starting with "pub" |
fingerprint is the 10 groups of 4 hex digits on the "fingerprint" line! | fingerprint is the 10 groups of 4 hex digits on the "fingerprint" line! | ||
====Register with a key server==== | ====Register with a key server==== | ||
| − | There are many available. This example | + | There are many available. This is just one example. |
<pre> | <pre> | ||
| − | gpg --keyserver pgp. | + | gpg --keyserver subkeys.pgp.net --send-keys '<id>' |
or | or | ||
| − | gpg --keyserver pgp. | + | gpg --keyserver subkeys.pgp.net --send-keys '<fingerprint>' |
</pre> | </pre> | ||
Either method works. | Either method works. | ||
| Line 32: | Line 32: | ||
====List the private key on your keyring==== | ====List the private key on your keyring==== | ||
<pre> | <pre> | ||
| − | gpg --list-secret-keys | + | [oracle@sdtcsynx4adb01 ~]$ gpg --list-secret-keys --keyid-format LONG |
| + | /home/oracle/.gnupg/secxxxx.gpg | ||
| + | ------------------------------- | ||
| + | sec 1024D/xxxx78D9BC15EC4B 2014-09-23 | ||
| + | uid xxxxsynxxxxx01 (xxxxxxxx xxxx) <[email protected]> | ||
| + | ssb 1024g/6592B7C56EEBBB8A 2014-09-23 | ||
| + | </pre> | ||
| + | ====Use the private key on your keyring to display public key==== | ||
| + | <pre> | ||
| + | gpg --armor --export xxxx78D9BC15EC4B | ||
| + | -----BEGIN PGP PUBLIC KEY BLOCK----- | ||
| + | Version: GnuPG v2.0.14 (GNU/Linux) | ||
| + | |||
| + | mQGiBFQhW3URBADY5RfOofl4/8tA+FN2zbVFAHV5hzI8vQA8wmAC9GV3B4HR6xYC | ||
| + | 5qBQPANhFgi9Atw+b/E/3Cs2+g5MfLwOvglxa5cOgbvYMohu80qOz/lXsVHNaaco | ||
| + | n1FPTswudXca6h85QOu1tPj/3Y+bW+QaZS+SddMCv3KM5fxOUbaTRTIWUwCg56Jd | ||
| + | FZEuDM7jFljyJE3lwDlcdo0EAIClPqBLCXXE3ZyJjNrcMyaqm8bNWyifjq5ZhXBU | ||
| + | ... | ||
| + | lFx+IJyA791gruhSecKmcQHcruOrinrvXiS4OULNSbOlmuB+KsaVLAA3clpNI30Y | ||
| + | ph1CEgBka0N1nLl/8qN3XTaSydx7DbYZCwW5TMEmWj8z8K3QQ5njeGPXTtmISQQY | ||
| + | EQIACQUCVCFbdQIbDAAKCRCZMXjZvBXsS9TqAKDCqDwvFE+gKtHv5Wc3DTSPjIUf | ||
| + | vACcCZB+Z0p4SV/Js+MSHU1ewntB4CU= | ||
| + | =QKiI | ||
| + | -----END PGP PUBLIC KEY BLOCK----- | ||
</pre> | </pre> | ||
====Delete someones public key from your keyring==== | ====Delete someones public key from your keyring==== | ||
| Line 40: | Line 63: | ||
<pre> | <pre> | ||
gpg --armor --output pubic_gpg_key.txt --export '<your name used in generation above>' | gpg --armor --output pubic_gpg_key.txt --export '<your name used in generation above>' | ||
| + | </pre> | ||
| + | ====Change information about the key==== | ||
| + | <pre> | ||
| + | gpg --refresh-keys | ||
</pre> | </pre> | ||
Latest revision as of 16:24, 30 January 2017
Contents
- 1 Gnu Privacy Guard
- 1.1 Generate a private/public key pair
- 1.2 (Optional) Keyserver Registration
- 1.2.1 Find the id/fingerprint
- 1.2.2 Register with a key server
- 1.2.3 Decrypt a file using your (stored) private key
- 1.2.4 List the public keys on your keyring
- 1.2.5 List the private key on your keyring
- 1.2.6 Use the private key on your keyring to display public key
- 1.2.7 Delete someones public key from your keyring
- 1.2.8 Change information about the key
Gnu Privacy Guard[edit]
Generate a private/public key pair[edit]
gpg --gen-key
(Optional) Keyserver Registration[edit]
To enable someone to retrieve your public key without having to contact you directly.
Find the id/fingerprint[edit]
gpg --fingerprint <your name used in generation above>
id is the hex digit string after the / on the line starting with "pub" fingerprint is the 10 groups of 4 hex digits on the "fingerprint" line!
Register with a key server[edit]
There are many available. This is just one example.
gpg --keyserver subkeys.pgp.net --send-keys '<id>' or gpg --keyserver subkeys.pgp.net --send-keys '<fingerprint>'
Either method works.
Decrypt a file using your (stored) private key[edit]
gpg --decrypt --output /tmp/<readable file> <encrypted file> or gpg -d -o /tmp/<readable file> <encrypted file>
List the public keys on your keyring[edit]
gpg --list-keys
List the private key on your keyring[edit]
[oracle@sdtcsynx4adb01 ~]$ gpg --list-secret-keys --keyid-format LONG /home/oracle/.gnupg/secxxxx.gpg ------------------------------- sec 1024D/xxxx78D9BC15EC4B 2014-09-23 uid xxxxsynxxxxx01 (xxxxxxxx xxxx) <[email protected]> ssb 1024g/6592B7C56EEBBB8A 2014-09-23
Use the private key on your keyring to display public key[edit]
gpg --armor --export xxxx78D9BC15EC4B -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.14 (GNU/Linux) mQGiBFQhW3URBADY5RfOofl4/8tA+FN2zbVFAHV5hzI8vQA8wmAC9GV3B4HR6xYC 5qBQPANhFgi9Atw+b/E/3Cs2+g5MfLwOvglxa5cOgbvYMohu80qOz/lXsVHNaaco n1FPTswudXca6h85QOu1tPj/3Y+bW+QaZS+SddMCv3KM5fxOUbaTRTIWUwCg56Jd FZEuDM7jFljyJE3lwDlcdo0EAIClPqBLCXXE3ZyJjNrcMyaqm8bNWyifjq5ZhXBU ... lFx+IJyA791gruhSecKmcQHcruOrinrvXiS4OULNSbOlmuB+KsaVLAA3clpNI30Y ph1CEgBka0N1nLl/8qN3XTaSydx7DbYZCwW5TMEmWj8z8K3QQ5njeGPXTtmISQQY EQIACQUCVCFbdQIbDAAKCRCZMXjZvBXsS9TqAKDCqDwvFE+gKtHv5Wc3DTSPjIUf vACcCZB+Z0p4SV/Js+MSHU1ewntB4CU= =QKiI -----END PGP PUBLIC KEY BLOCK-----
Delete someones public key from your keyring[edit]
gpg --list-secret-keys
gpg --armor --output pubic_gpg_key.txt --export '<your name used in generation above>'
Change information about the key[edit]
gpg --refresh-keys
