GNU Privacy Guard exercises
Install GPG on smbhost:
In the example below, there is a key and message exchange between users
carol (Carol Wilson) and jack (Jack Black).
You need to
create two user accounts, carol and jack, on the smbhost VM.
Remember the passwords.
Open two terminals on your desktop and SSH to smbhost as user
carol in one terminal window
and user jack in the other terminal window:
As user carol, run the gpg command to initialize the keys:
Follow the instructions for generating keys below:
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) ENTER
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 2m
Key expires at Sat 08 Jun 2013 06:40:50 PM EDT
Is this correct? (y/N) y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: Carol Wilson
Email address: carol@linux.class
Comment:
You selected this USER-ID:
"Carol Wilson <carol@linux.class>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.
gpg: gpg-agent is not available in this session
Enter passphrase:
Remember the passphrase.
Make carol's public key available for exchange by running the following command as user carol:
File carol.pub contains her public key.
User jack follows a similar procedure to generate
his gpg keys and export the public key to a file:
User jack gets carol's public key and imports it:
Verifies it:
jack should accept the key by signing it:
Carol Wilson creates a new file and signs it.
For example, a text file, netapp.txt,
and a signature:
The second command above creates a new file, netapp.txt.sig
The recipient, jack, who has already imported and signed her public key,
copies netapp.txt with the signature file and verifies the file:
If the signature is correct, the output should contain:
gpg: Good signature from "Carol Wilson <carol@linux.class>"
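The detached-signature exchange between carol and jack, as an added example that is not part of the original exercise. It assumes GnuPG 2.1 or later, uses throwaway keyrings under a temporary directory with an empty passphrase (demo only), and the function names are hypothetical. Instead of reading the "Good signature" text or relying on a locally signed key, jack accepts the file only when gpg's machine-readable status reports VALIDSIG for the fingerprint carol gave him out of band.

```shell
#!/usr/bin/env bash
# Added example: throwaway keyrings in a temp dir; nothing touches ~/.gnupg.
DEMO=$(mktemp -d)
CAROL="$DEMO/carol"; JACK="$DEMO/jack"
mkdir -m 700 "$CAROL" "$JACK"

# carol: generate a 2048-bit RSA signing key valid for 2 months (empty
# passphrase is for this constructed demo only), export the public half,
# and create a detached signature netapp.txt.sig for netapp.txt.
carol_sign() {
  gpg --homedir "$CAROL" --batch --quiet --passphrase '' \
      --quick-generate-key 'Carol Wilson <carol@linux.class>' rsa2048 sign 2m
  gpg --homedir "$CAROL" --batch --armor --export carol@linux.class > "$DEMO/carol.pub"
  echo 'constructed sample text' > "$DEMO/netapp.txt"
  gpg --homedir "$CAROL" --batch --quiet \
      --output "$DEMO/netapp.txt.sig" --detach-sign "$DEMO/netapp.txt"
}

# The fingerprint carol would read to jack over a separate channel.
carol_fpr() {
  gpg --homedir "$CAROL" --batch --with-colons --fingerprint carol@linux.class |
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# jack: import carol's public key into his own keyring.
jack_import() { gpg --homedir "$JACK" --batch --quiet --import "$DEMO/carol.pub"; }

# usage: verify_pinned FILE SIG EXPECTED_FPR
# Succeeds only if a status line starts with "[GNUPG:] VALIDSIG <EXPECTED_FPR>".
# Matching on whole fields keeps text inside a user ID from faking a match.
verify_pinned() {
  gpg --homedir "$JACK" --batch --status-fd 1 --verify "$2" "$1" 2>/dev/null |
    awk -v fpr="$3" '$1 == "[GNUPG:]" && $2 == "VALIDSIG" && $3 == fpr { ok = 1 }
                     END { exit !ok }'
}

# Stop the per-keyring agents and remove the demo directory.
cleanup_demo() {
  gpgconf --homedir "$CAROL" --kill gpg-agent 2>/dev/null || true
  gpgconf --homedir "$JACK" --kill gpg-agent 2>/dev/null || true
  rm -rf "$DEMO"
}
```

Run carol_sign, jack_import, then verify_pinned with the output of carol_fpr; call cleanup_demo when finished.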
Sending/Receiving signed encrypted messages.
carol imports and signs Jack's public key in the same way as
he did with hers.
The sender, carol, uses the public key of the recipient, jack, to
encrypt a message located in file netapp.txt and save it in file forjack.gpg:
The recipient, jack, decrypts the message with his private
key.
The output can be saved in a text file, forjack.txt:
Verify the signature for downloaded software:
Download the following files:
DJM-GPG-KEY.asc
openssh-4.4p1.tar.gz
openssh-4.4p1.tar.gz.asc
Import the public key:
Check if the key has been added:
Sign the key:
Verify that the signature for the software is good:
Delete the key from the keyring:
Verify that the key has been deleted: