Securing-Optimizing-RH-Linux-1_2_217
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®
217
·
To decrypt data, use the following command:
[root@deep /]# gpg -d <file>
For example:
[root@deep /]# gpg -d message-to-Gerhard.asc
You need a passphrase to unlock the secret key for
user: "Gerhard Mourani (Open Network Architecture) <gmourani@videotron.ca>"
2048-bit ELG-E key, ID 71D4CC44, created 1999-10-26 (main key ID BBB4BA9B)
Enter passphrase:
Which mean -d is for decrypting and <file> is the message you want to decrypt. It is important
that the public key of the sender of the message we want to decrypt is in our public keyring
database or nothing will work.
Exporting your public key
You can expand your horizon by exporting and distributing your public key over the word. This
can be done by publishing it on your homepage, through an available key server on the Internet
or any other method. GnuPG has some useful options to help you publish your public keys.
·
To extract your public key in ASCII armored output, use the following command:
[root@deep /]# gpg --export --armor > Public-key.asc
Which mean --export is for extracting your Public-key from your pubring encrypted file, --armor
to create ASCII armored output that you can mail, publish or put it on a web page and > Public-
key.asc to put the result in a file that youre named Public-key.asc.
Checking the signature
Once you have extracted your public key and exporting it, everyone who knows or get your public
key should be able to check whether encrypted data from you are also really signed by you.
·
To check the signature of encrypted data, use the following command:
[root@deep /]# gpg --verify <Data>
The --verify option will check the signature, and <Data> is the encrypted data or file you want to
verify.
Some possible uses of GnuPG software
GnuPG can be used to:
1. Send encrypted mail massage.
2. Encrypt backup files before transmission over the network.
3. Encrypt individual sensitive files (i.e. a file that handle all your passwords).
Installed files
> /usr/bin/gpg
> /usr/lib/gnupg
> /usr/lib/gnupg/rndunix
> /usr/lib/gnupg/rndegd
> /usr/lib/gnupg/tiger
> /usr/man/man1/gpg.1
> /usr/share/gnupg