GNU privacy guard
GnuPG stands for GNU Privacy Guard and is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP? Internet standard as described in RFC:2440 As such, it is aimed to be compatible with PGP from NAI Inc. (from the FAQ)
- start here → http://www.gnupg.org
- keyserver search http://www.hal-pc.org/~bunbytes/karlsson/pgp/keyservers.html#uki
- pgpdump for packet visualisation http://www.pgpdump.net/
- mac OsX version > http://macgpg.sourceforge.net/
frontends
mostly unfinished implementtions of a subset of the commandline version (wih the advantage of being esier to work out).
- gpa - ok for key management (current version wont correctly sign keys)
- seahorse/tkpgp - encrypt/decrypt + basic key management (no signing)
- kgpg - still to check
- engimail, for the thunderbord mailer → http://enigmail.mozdev.org/
commandline summary
decrypt | gpg -d (file) | |
search/list keys | gpg –list-keys (search term) | |
edit a key | gpg –default-key (key-id) –edit-key (key-id) | |
fingerprints | gpg –fingerprint | |
list the secret keys | gpg –list-secret-keys | |
delete a public key | gpg –delete-key (key id) | |
edit key info | gpg –edit-key (key id) | |
update local keyring from keyserver | gpg –refresh-keys |
establishing trust
- “Validating a PGP key without personal contact” > http://www.pps.jussieu.fr/~jch/software/pgp-validating.html
- “Social Implications of Keysigning” > http://attrition.org/security/rant/z/keysigning.html