June 28, 2004

CLI magic: The keys to GnuPG

Author: Joe Barr

The GNU Privacy Guard (a.k.a. GnuPG, or simply gpg) is a free software implementation of Philip Zimmermann's notorious, powerful, and popular program PGP (Pretty Good Privacy). GnuPG is cooler than a secret decoder ring, so get out of that GUI recliner for a few minutes and come learn a couple of secret spy crypto command line tricks.GnuPG has two main uses. The first is to encrypt data to ensure its privacy. The second is to "sign" data so that others can determine it is authentic and unmodified.

GnuPG is widely used, so it is included as standard fare in most modern distributions. If it didn't come with yours, you can download source code or binary versions from the GnuPG Web site.

Gimme two keys and hold the mayo

GnuPG uses two keys: a public key for encrypting data, and a private (secret) key for decrypting it. Anyone who has a copy of your public key can use it to encrypt data that only you can read. Nobody can read your mail -- at least not very easily -- with your public key; your private key is required for that.

We'll get started by generating a key-pair. The command to do so is:

gpg --gen-key

That generates the following response:

gpg (GnuPG) 1.2.4; Copyright (C) 2003 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Please select what kind of key you want:
   (1) DSA and ElGamal (default)
   (2) DSA (sign only)
   (4) RSA (sign only)
Your selection?

Select option (1), the default. It is suitable for most users. Do not ask why option (3) -- which creates an ElGamal type key not suitable for making signatures -- is not shown, and I won't be forced to kill you.

Next, we set the key size:

DSA keypair will have 1024 bits.
About to generate a new ELG-E keypair.
      minimum keysize is 768 bits
      default keysize is 1024 bits
   highest suggested keysize is 2048 bits
What keysize do you want? (1024)

Just press Enter for the default 1024 bits. If you need more security than that affords, you shouldn't be reading a tips for noobies resource for your security planning. And remember, no matter what size you choose, there is no unbreakable cipher. The best you can do is buy time.

Speaking of time, the next question is how long we want this key-pair to be good for.

Please specify how long the key should be valid.
      0 = key does not expire
      = key expires in n days
    w = key expires in n weeks
    m = key expires in n months
    y = key expires in n years
Key is valid for? (0)

Once more, choose the default for "does not expire."

Confirm your choice by entering y when asked, then we can move on to telling GnuPG who we are.

The next prompt states:

You need a User-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form:
   "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name:

First of all, ignore that line describing what the final result looks like. If you don't, you'll never enter the data correctly. For "Real Name" enter your name as it normally appears in your email. In my case, that would simply be "Joe Barr."

Next, enter your email address, but do not enclose it in angle brackets as shown in the example of the finished identification. Just use "joe@pjprimer.com" or whatever your email address happens to be.

Finally, press Enter when asked for a comment. Your finished product will then be displayed, and it should be in the form shown in the beginning. You can change any of the items that are used to build it, and then you can move on to the passphrase.

The passphrase is critical. Think about it before entering something. It needs to be a word or phrase that someone who knows you can't easily guess, but it also needs to be easy for you to remember and to enter. It's needed whenever you sign something, like an outgoing email, or when you encrypt or decrypt data.

Some email clients -- like Evolution -- allow you to enter the passphrase only once per session. That can save you a lot of keystrokes. So can not selecting the first paragraph of Ulysses as your passphrase. Strike a good balance and make it something you can easily remember. It's not as easy to come up with a good passphrase as you might think, but it's important that you do so. If someone comes across your private key, your passphrase is the only thing standing between them and all of your secrets. Guard it carefully. If possible, select one you won't have to write down.

After you enter and reenter the passphrase, the following will appear:

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.


public and secret key created and signed.
key marked as ultimately trusted.

pub 1024D/FFFFFFFF 2004-06-22 Joe Barr
     Key fingerprint = 1111 2222 3333 4444 5555 6666 7777 8888 9999
sub 1024g/00000000 2004-06-22

You've now generated your first key-pair. That leaves just one more thing to do: You need to create a revocation certificate.

Revoke this!

It's not uncommon for people to lose passphrases or secret keys. When that happens -- or if you just want to cancel an existing public key for any reason -- you can use a revocation certificate to cancel it. Of course, if you've lost your passphrase or secret keys, you won't be able to create the certificate, so that's why it's a good idea to do it now.

To generate the certificate -- and to output it in printable form to a file called revoke.asc -- enter the following command. The key-id portion of the command can be be either the public key ID (FFFFFFFF in our example above) or a large enough chunk of the identification line associated with it to uniquely distinguish it from any other keys on the key-ring:

gpg --output revoke.asc --gen-revoke key-id

GnuPG responds by asking if you want to create the certificate, and if you say yes, it asks why:

Please select the reason for the revocation:
   0 = No reason specified
   1 = Key has been compromised
   2 = Key is superseded
   3 = Key is no longer used
   Q = Cancel
(Probably you want to select 1 here)
Your decision?

As always, select the recommended option. When asked for the optional description, I usually enter something simple like "Revocation certificate for identification line."
Confirm that all is well and then it's time to enter your passphrase. That done, GnuPG says:

ASCII armored output forced.
Revocation certificate created.

Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable. But have some caution: The print system of
your machine might store the data and make it available to others!

Heed the warning and keep both hardcopy and digital version of the certificate in a secure location.

That's all for this time. In a future column we'll revisit GnuPG and learn what you can do with it once you have a key-pair.