howto

Creating strong PGP keys – Quick and Dirty

Ok, all PGP keys are strong. However, here is some advice on how to create good keys:

  1. $ gpg –gen-key –enable-dsa2
  2. Select (1) DSA and Elgamal (default).
  3. Use 3072 as keysize for DSA keys.
  4. Use 4096 as keysize for ELG-E keys.
  5. Continue at will until key generation is finished.
  6. gpg –edit-key Key-ID
  7. showpref
  8. setpref AES256 TWOFISH AES192 AES SHA256 SHA512 RIPEMD160 ZIP BZIP2
  9. save
  10. ALWAY CREATE A REVOKE CERTIFICATION IN CASE YOU LOOSE YOUR PASSPHRASE:
    gpg –gen-revoke Key-ID > Key-ID.revcert.asc in der Konsole eingeben
  • Main Operations:
	gpg --list-keys
	gpg --keyserver hkp://[YOURKEYSERVERURL] --send-keys Key-ID
	gpg -ao Key-IDpubkey.asc --export Key-ID
	gpg -o Key-IDseckey --export-secret-keys Key-ID
	gpg --import Keyfile.asc
	gpg --keyserver hkp:[YOURKEYSERVERURL] --search-keys "User Name"
	gpg --fetch-keys URL
	gpg --recv-keys Key-ID
  • Change passphrase:
  1. gpg –edit-key Key-ID
  2. passwd
  3. save
  • Cleanup (remove unused stuff):
  1. gpg –edit-key Key-ID
  2. clean
  3. save
  • Revoke:
  1. gpg –edit-key Key-ID
  2. key n (if only subkeys need to be revoked)
  3. revkey

BTW, useful stuff:

  • Commandline GnuPG (also for Windows)
  • A Good Windows GUI: GnuSHELL
  • Awesom Firefox Plugin (makes PGP with Webmail etc easy): FireGPG
Advertisements
Standard

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s