Securities Software (Management & Limitation).Linux GnuPG
[root@deep /]# gpg -sear RedHat message-to-RedHat.txt
You need a passphrase to unlock the secret key for
user: “Gerhard Mourani (Open Network Architecture)
1024-bit DSA key, ID BBB4BA9B, created 1999-10-26
Enter passphrase:
Of the arguments passed, the “s” is for signing (To avoid the risk that somebody else claims to be you, it is very useful to sign everything you encrypt), “e” for encrypting, “a” to create ASCII armored output (”.asc” ready for sending by mail), “r” to encrypt the user id name and
• To decrypt data, use the following command: [root@deep /]# gpg -d
For example:
[root@deep /]# gpg -d message-to-Gerhard.asc
You need a passphrase to unlock the secret key for
user: “Gerhard Mourani (Open Network Architecture)
2048-bit ELG-E key, ID 71D4CC44, created 1999-10-26 (main key ID BBB4BA9B)
Enter passphrase:
Where “-d” is for decrypting and
Exporting your public key
You can expand your horizons by exporting and distributing your public key over the world. This can be done by publishing it on your homepage, through an available key server on the Internet, or any other available method. GnuPG has some useful options to help you publish your public keys.
• To extract your public key in ASCII armored output, use the following command:
[root@deep /]# gpg –export -armor > Public-key.asc
Where “-export” is for extracting your Public-key from your pubring encrypted file, “–armor” is to create ASCII armored output that you can mail, publish or put it on a web page and “> Public-key.asc” is to put the result in a file that you’ve named Public-key.asc.
Checking the signature
Once you have extracted your public key and exported it, everyone who knows or gets your public key should be able to check whether encrypted data from you is also really signed by you.
• To check the signature of encrypted data, use the following command:
[root@deep /]# gpg -verify
The “-verify” option will check the signature where is the encrypted data/file you want to verify.