
GPG Key Creation
Under GPG, there is no GUI. To create a key, perform the following
steps at a command prompt:
1. gpg --gen-key
2. Select 1 for DSA and ElGamal
3. For What keysize do you want, type 2048
4. For Key is valid for, enter 13m
5. Verify date of expiration is 13 months from today and enter Y for Is
this correct?
6. For Real Name, enter a logical name for the particular key you are
creating
7. For Email Address, enter your email address
8. For Comment, enter a brief comment for what the key is to be used
for or leave it blank
9. Review your entries, make any changes as necessary, then type O for
Okay
10. Create a Passphrase based on the requirements in the Standards
section above.
11. Reenter the passphrase
12. Now begin moving the mouse and typing junk at the keyboard to
create random information for the key generator.
13. When it’s completed, you will be back at the command prompt
14. Export the public key by typing gpg --export KeyID >
KeyID-pubkey.pgp where KeyID is the Real Name you entered
when creating the key
15. Export the private key by typing gpg --export-secret-key
KeyID > KeyID-seckey.pgp where KeyID is the Real Name
you entered when creating the key
16. Copy the two .pgp files you created to a floppy, USB, etc. for backup
purposes.
17. Delete the exported files from the system
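
Steps 14 to 17 as a script, added here as an example and not part of the original manual. The function names export_key and backup_and_remove and the directory arguments are assumptions; the script refuses to delete an export until the backup copy has been verified.

```shell
#!/bin/sh
# Added example. export_key and backup_and_remove are hypothetical helper
# names; only the gpg commands come from steps 14 and 15 of the manual.

# Steps 14-15: export the public and private key into a working directory.
# $1 = key name, email address or key ID; $2 = output directory.
export_key() {
    key=$1; out=$2
    (
        umask 077    # exports are created readable by the owner only
        gpg --export "$key" > "$out/$key-pubkey.pgp" &&
        gpg --export-secret-key "$key" > "$out/$key-seckey.pgp"
    )
}

# Steps 16-17: copy each export to the backup medium, confirm the copy is
# byte-identical, and only then delete the originals from the system.
# $1 = backup directory (mounted floppy, USB, etc.); remaining args = exports.
backup_and_remove() {
    dest=$1; shift
    [ -d "$dest" ] || { echo "backup target $dest is not available" >&2; return 1; }
    for f in "$@"; do
        # gpg writes an empty file when the key name matched nothing.
        [ -s "$f" ] || { echo "$f is missing or empty" >&2; return 1; }
        cp -- "$f" "$dest/" || return 1
        cmp -s -- "$f" "$dest/$(basename -- "$f")" ||
            { echo "backup of $f does not match, originals kept" >&2; return 1; }
    done
    # Reached only when every file was copied and verified.
    for f in "$@"; do
        if command -v shred >/dev/null 2>&1; then
            shred -u -- "$f" || return 1    # overwrite, then unlink
        else
            rm -f -- "$f" || return 1
        fi
    done
}

# Typical use (directories are assumptions):
#   export_key MyTestKey "$HOME/keytmp" &&
#   backup_and_remove /mnt/usb "$HOME/keytmp"/MyTestKey-*.pgp
```

Overwriting with shred is best effort on journaling or flash-backed filesystems, so keep the working directory on local storage you control.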
GPG Commands
The keyname referenced in the commands below can be either the owner’s
name, the user’s email address or the key ID. If you happen to have GPG keys
with the same owner’s name and email address, you can differentiate between
them based on the key ID.
What is the key ID? It is the hex ID given after the keysize. For instance,
using the command gpg --list-keys will show all the keys in your
keyring, like this:
# gpg --list-keys
pub 1024D/28394F0E 2006-09-07 [expires: 2006-10-07]
sub 2048g/020D77F8 2006-09-07 [expires: 2006-10-07]
pub 1024D/2608AE83 2006-09-07 [expires: 2007-10-02]
sub 2048g/C25E7EF4 2006-09-07 [expires: 2007-10-02]
You can see that there are two keys with the same name (MyTestKey) and
email address (teskey@corpone.org). However, the key IDs will always be
different. The keysize is shown, followed by the public hex key ID, shown