Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: Advanced GnuPG Concepts - Advanced Key Generation

  1. #11
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,554
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Advanced GnuPG Concepts - Advanced Key Generation

    Tutorial is not completed yet -- hence the reason that its missing!!!

  2. #12
    Join Date
    Apr 2007
    Location
    Houston, TX
    Beans
    Hidden!
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Re: Advanced GnuPG Concepts - Advanced Key Generation

    @kevdog: Thank you for this post. I, like many others, appreciate the content of what you have written thus far. You're a little ahead of your time. By that, I mean you are posting content to a forum littered with users who are really just trying to get their *buntu installations behaving the way they want them. The current state of personal security is such that it is an afterthought. When everything else works and is understood, then they begin to explore "newer" concepts such as personal data security and integrity.

    Honestly, my knowledge of Linux is quite limited. I'm only just beginning to venture beyond a beginner level of knowledge; I can now just barely administer my own systems on the command line with the help of the occasional how to--and I have this forum and members like you to thank for what I have accomplished.

    I think that personal data security/integrity will become a very hot topic for the average user in the comming years and I have yet to find any resource as thorough as yours that is intelligible by the average user. Every "complete" resource I've run across on this topic is either lacking in depth or is inundated with mathematical formulas that I would guess 70%+ of any OS's user base doesn't even know how to read. There just aren't a lot of people who retain calculus beyond their initial exposure. You have brought this topic to the masses in a way that we can understand--devoid of mathematical theory and obscure (to most of us) mathematical symbols.

    It doesn't have to be kevdog that finishes this content, but it does need to be finished by someone.

    *steps off of soap box*
    Vive la révolution!

  3. #13
    Join Date
    Feb 2007
    Location
    New Jersey, USA
    Beans
    318

    Re: Advanced GnuPG Concepts - Advanced Key Generation

    I've always had trouble understanding how subkeys worked. I once read that it's nice if a particular subkey gets compromised, the user can regenerate his subkeys without having to redistribute because everyone has the master key...

    I'm sure there are some other benefits of having multiple signing and encryption keys grouped under the same master key.

    Maybe you could elaborate on this topic.

    Great article though. You might consider some links for practical usage; Enigmail comes to mind.
    Disclaimer: All of my advice is guaranteed without exception to work. If you find my advice unsatisfactory, you didn't do it right.

  4. #14
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,554
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Advanced GnuPG Concepts - Advanced Key Generation

    Ive seen subkeys used in the example if you are going to be using gpg from different computers. A subkey could be generated for each computer of medium (ie USB stick). The master key is never put at risk. This is one of the topics I would like to cover, however when I was playing around with multiple subkeys, something wasnt working and I just lost time trying to figure things out between here and the gnupg mailing list.

    I will probably never write on how to use Enigmail. Ive used the product and its quite good, however I think there are multiple sites that explain how to use Enigmail effectively. Additionally if you really want to capture the full power of gnupg, you frankly need to default to the command line for some features, since no enigmail gui function has been written. For most everyday interaction with gnupg, Ive been using FireGPG since it integrates nicely with Gmail.

  5. #15
    Join Date
    Feb 2007
    Location
    New Jersey, USA
    Beans
    318

    Re: Advanced GnuPG Concepts - Advanced Key Generation

    I didn't expect you to write about enigmail usage, I just thought it'd be helpful for people to see links to projects which make pgp (gnupg specifically) especially usefull.
    Disclaimer: All of my advice is guaranteed without exception to work. If you find my advice unsatisfactory, you didn't do it right.

  6. #16
    Join Date
    Mar 2007
    Beans
    118
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Advanced GnuPG Concepts - Advanced Key Generation

    I've found this thread to be very informative. Thanks!

    I would definitely appreciate a tutorial too, especially if you touched generating/using keys with SSH. That's just my preference though.

    Thanks again.

  7. #17
    Join Date
    Nov 2008
    Beans
    13

    Re: Advanced GnuPG Concepts - Advanced Key Generation

    Here’s one, hope you have fun.

    Important remark: always use
    Code:
    gpg --gen-key --expert
    for key generation, then you can use
    Code:
       (7) RSA (set your own capabilities)
    and enable S+C+E+A capabilities (all four of them).

    That way you won’t need the hassle that are subkeys.
    Using batch mode, you can even generate longer RSA
    keys, similar to what pgp-2.6.3ia allowed.
    Attached Files Attached Files

  8. #18
    Join Date
    Jul 2006
    Beans
    32

    Re: Advanced GnuPG Concepts - Advanced Key Generation

    KevDog, thanks for this really good, clear and precise explanation of GnuPG and PGP.

    I'd been meaning to understand more of the nitty gritty of keys and encryption, and your explanation did just that.

    I hope you find the motivation to tell us more about the subject, your explanations are great.

    Really looking forward to a part 2!

    Cheers!

  9. #19
    Join Date
    Aug 2006
    Beans
    Hidden!

    Re: Advanced GnuPG Concepts - Advanced Key Generation

    I will add my thanks for "part one" of a very good tutorial. I used to be well informed on this subject so I scanned the article pretty quickly, and it brought me up to date on several topics that have changed in important ways and/or emerged since I last paid real attention to the internals of PKI cryptosystems. Most users will want to go directly to "part two", but the material you have up now is very useful to those of us who need to know how a security tool works before we can sanely trust it.

  10. #20
    Join Date
    Sep 2009
    Location
    USA
    Beans
    402
    Distro
    Kubuntu

    Re: Advanced GnuPG Concepts - Advanced Key Generation

    Thank you for the tutorial/information on GPG keys.

    I've been slowly getting in to using keys for the past 8 months, and this really helped solidify and clarify some of the concepts I've been trying to pick up on.

    I wish more people would get on board with using GPG keys.

    If you do write more on this, I would love to learn more about key servers. How they work, how you find good ones, how you know one is still active, etc.

    But, as it is, it was a great article to read. Much appreciated!

Page 2 of 3 FirstFirst 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •