GPG#

Gnupg, of gpg gebruik je om file te encrypten, signen en decrypten.

  • Je genereert eerst je eigen key (private en public key(info)).
  • Je spullen staan vervolgens in ~/.gnupg
  • Listen van keys: 
/home/metskem/.gnupg/pubring.gpg
--------------------------------
pub   1024D/13BE2497 2007-12-11
uid                  Janne Jalkanen <Janne.Jalkanen@iki.fi>
uid                  Janne Jalkanen <jalkanen@apache.org>
uid                  Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
sub   4096g/6654F31F 2007-12-11

pub   1024D/C1281CDC 2008-08-22
uid                  Harry Metske <harry.metske@gmail.com>
uid                  Harry Metske <metskem@apache.org>
sub   2048g/2143C3AC 2008-08-22

pub   1024D/9FD37401 2008-08-26
uid                  Ons Gastje <ons.gastje@nowhere.com>
sub   2048g/DD591270 2008-08-26
  • Signen en encrypten van files die door metskem moeten kunnen worden decrypted : 
metskem@blackpearl:/tmp$ gpg --recipient metskem -se backup.list

You need a passphrase to unlock the secret key for
user: "Harry Metske <harry.metske@gmail.com>"
1024-bit DSA key, ID C1281CDC, created 2008-08-22

File `backup.list.gpg' exists. Overwrite? (y/N) y
metskem@blackpearl:/tmp$ ls -l backup.*
-rw-r--r-- 1 metskem root     49165 2008-11-17 20:26 backup.list
-rw-r--r-- 1 metskem users     7031 2008-11-17 20:55 backup.list.gpg
  • Decrypten van files : 
metskem@blackpearl:/tmp$  gpg -d backup.list.gpg > backup.decrypted.list

You need a passphrase to unlock the secret key for
user: "Harry Metske <harry.metske@gmail.com>"
2048-bit ELG-E key, ID 2143C3AC, created 2008-08-22 (main key ID C1281CDC)

gpg: encrypted with 2048-bit ELG-E key, ID 2143C3AC, created 2008-08-22
      "Harry Metske <harry.metske@gmail.com>"
gpg: Signature made Mon 17 Nov 2008 08:55:44 PM CET using DSA key ID C1281CDC
gpg: Good signature from "Harry Metske <harry.metske@gmail.com>"
gpg:                 aka "Harry Metske <metskem@apache.org>"
  • list van (ascii formaat) public key: 
gpg --export -a 'Harry Metske (CODE SIGNING KEY) <metskem@apache.org>'

Dit levert een public key in ascii in een file/

Default signing key

You can specify this during invocation with the --default-key option, or Add "default-key uid-of-my-key" to your ~/.gnupg/gpg.conf .

(whatawonderfulpassphraseha)

Verify a checksum 

metskem@gneisenau:~/ff/gpgtest$ gpg --verify JSPWiki-incubating-2.9-bin.zip.asc 
gpg: Signature made Tue 17 Apr 2012 09:21:53 PM CEST using RSA key ID D57926DD
gpg: Good signature from "Harry Metske (CODE SIGNING KEY) <metskem@apache.org>"
This page (revision-1) was last changed on 23-Apr-2022 17:05 by Harry MetskeTop