GnuPG/ja

このガイドでは、安全なコミュニケーションのためのツールであるGnuPGの使いかたの基本をGentoo Linuxユーザに説明します.

このガイドの読者が得られるもの
このガイドは公開鍵暗号、暗号化及びデジタル署名に読者が精通していることを前提としています. もしそうではない場合はofficial GnuPG handbook の第2章を見てからこの記事に戻ってきてください.

読者はまずGnuPGのインストール方法、鍵ペアの作成、鍵束へ追加、公開鍵のキーサーバへの登録を学びます. そして、送受信するメッセージやファイルに対する署名、暗号化、署名の検証、復号についても学びます.

他のソフトウェア
まず第一に、GnuPGをemergeしなければなりません. 現在の多くのアプリケーションはPGPをサポートしているので、 をUSEフラグとして設定しておくことはいいアイデアです. GnuPGを使うことができるメールクライアントを使いたいときは、次の選択肢が適しています.
 * PinePGP.
 * Mutt - 小さいがパワフルなテキストベースのメールクライアント
 * Thunderbird - Mozillaのメールクライアント
 * Evolution - GNOMEのOutlookによく似たメールクライアント
 * KMail - KDEのメールクライアント
 * KGPG をインストールすることは、KDEのデスクトップ環境を使用しているときに興味深く思えるかもしれません. この小さなプログラムがあれば、鍵ペアの生成、ASCIIファイルからの鍵のインポート、インポートした鍵への署名、鍵のエクスポートやその他のいくつかの素晴らしい機能を利用できます.
 * Tor - Torを使って匿名に鍵のサーバーにアクセスできます.  設定はTorを参照してください.

鍵の作成
鍵を作るために、コマンドを使用してください. 初めて実行するときに、コマンドはGnuPGの実行を正しく行うために必須なディレクトリーを作成します. 鍵を生成するためにはもう一度コマンドを実行してください.

鍵の種類は選択可能ですが、多くの利用者はデフォルトのRSAを選択します. 次に鍵の長さについて、一般的に鍵のbit長が長いほうが良いですが、DSA/ElGamalの鍵は2048よりも長い長さで使用しないでください. 2048は通常のメールの利用にとって十分です.

Gentooの開発者(特にebuildの管理者)は4096bitの鍵が推奨されます.

After size comes the expiration date. Here smaller is better, but users can go for a key that never expires, or for an expiration date of around 2 or 3 years. Remember that you can indefinitely extend the expiry of a key, even after it expired.

Now it is time to enter some personal information about the key's user. When sending a public key to other users it is important that a real email address is used (as opposed to a fake one).

Now enter a key passphrase twice. It is a good idea to use a strong passphrase. If someone is able to obtain the associated private key and cracks the password they will be able to impersonate the user by sending signed messages just as the user would. The malicious user could dupe the victims contacts into believing the e-mails or messages were sent by the victim. Note: if you have any errors during this process, see the pinentry section below.

Next, GnuPG will generate a key. Moving the mouse, browsing the web, or streaming audio in the background will help speed up the process of generating random data, which is used to increase the security of the key pair.

Generating a revocation certificate
After creating the keys a revocation certificate should be created. Doing this allows the user to revoke the key in case something nasty happens (such as a malicious user gaining control of the key/passphrase).

lists the keys in the public keyring. It may be used to see the ID of the key so that a revocation certificate can be created. It is a good idea to copy the entire directory and the revocation certificate (ASCII armored - ) to a secure medium (a CD-R or a USB drive stored in a safe location). Remember that the file can be used to revoke the keys and make them unusable in the future.

鍵のエクスポート
To export a key, run. You can almost always use the key ID or something that identifies the key (in this example an email address was used). Larry now has a that he can send his friends, or place on his web page so that others can safely communicate with him.

鍵のインポート
To add keys to a public keyring the following steps should be taken:
 * 1) Import the key;
 * 2) Check the key fingerprint;
 * 3) After verifying the key fingerprint, validate it.

Now we will be adding Luis Pinto's (a friend of mine) public key to our public keyring. After giving him a call and asking him for his key fingerprint, I compare the fingerprint with the output of the command. As the key is authentic, I add it to the public keyring. In this particular case, Luis's key will expire in 2003-12-01 so I am asked if I want my signature on his key to expire at the same time.

鍵サーバに鍵を送信する
Now that a key has been generated, it is probably a good idea to send it to a world key server. There are a lot of key servers in the world and most of them exchange keys. In this next example Larry the cow's key will be sent to the pool.sks-keyservers.net server. Sending keys uses HTTP, so if a proxy is used for HTTP traffic do not forget to set it accordingly. The command for sending the key is:

Where 75447B14 is the ID of the key you would like to send. If a HTTP proxy is not needed then the  option can be removed.

Sending other people's keys that Larry has signed to the key server is also a good idea. We could send Luis Pinto's key to the key server. This way someone who trusts Larry's key can use the signature that he has placed there to trust Luis's key.

鍵サーバから鍵を入手する
Now we are going to search for Gustavo Felisberto's key and add it to the keyring of Larry the cow.

From the server response it is possible to see few keys have been submitted to the key server, however only  is used. Now Larry the cow can get the key and sign it if he trusts it.

Refreshing existing keys
Existing PGP keys should be refreshed on a regular interval (twice a month is common). To refresh keys, define a key server with which to connect:

This command can be added to a cron job or systemd timer.

GPG エージェントとは？
Sometimes working with certain applications requires the frequent use of a GPG key, which means that a passphrase must be frequently entered. In the past many applications supported a passphrase caching mechanism. This would make life easier for users because passphrases were automatically entered. However, this disallowed sharing this cache across programs (how secure would that be?) and forced applications to reinvent the wheel over and over again.

A GPG agent is a separate application that GPG uses to cache the passphrase in a standard and secure way. It allows applications to use GPG concurrently: if the passphrase is entered while working in one application, the other application can work with GPG without needing to unlock the key again — if the GPG Agent is configured to allow this, of course.

Gentoo provides a few GPG agent applications. The package contains what could be considered the reference one, and will be the primary choice used in this article.

When using Xfce as Window Manager it will try to automatically run (as well as ). This will make identity management more complicated if different agents are running, especially in combination with SmartCards.

gpg-agent や pinentry の設定
GnuPG includes. Pinentry is a helper application that  uses to request the passphrase in a graphical window. It comes in many flavors including gtk2 and 3, qt5, tty and curses. It is recommended to always build the ncurses version. Set USE flags accordingly.

If was installed with more than one popup window type, it is possible to choose between the windows with the  command:

Eselect will change the symlink of to the appropriate pinentry helper. Now create a file called and add the following lines to define the default timeout of the passphrase (e.g. 30 minutes) and the application to be called when the passphrase needs to be retrieved (e.g. the GTK version of Pinentry).

Now configure GnuPG to use an agent when appropriate. Edit and add the following line:

Now the system is almost ready to use the GPG agent. It is neccessary to restart the gpg-agent to take into account of the change in configuration.

Changing pinentry for SSH logins
If you use the gpg-agent over SSH, a graphical pinentry password prompt will not come up in the login shell. This causes all operations that require a password to fail. If you add the following snipped in your, the gpg-agent uses a curses password prompt in your current SSH shell instead. The snipped does not affect the pinentry settings when using local shells.

gpg-agent の自動起動
If KDE is used as the desktop environment, edit (system-wide, for KDE4 ) or  (local user,  in KDE4). Add the following command to the appropriate file to have KDE automatically start the GPG Agent:

Additionally, uncomment the following lines in (system-wide,  in KDE4) or add it to  (local user,  in KDE4):

When using a desktop environment other than KDE, put the above lines in if  is used to start X.org or  if XDM, GDM, KDM, etc. are used.

暗号化および署名
Let's say that Larry has a file he wishes to send Luis. Larry can encrypt it, sign it, or encrypt and sign it. Encrypting means that only Luis will be able to open it. The signature tells Luis that it was really Larry who created the file.

暗号化は:

署名は:

暗号化および署名は:

This will create binary files. To create ASCII files, just add the  option to the beginning of the command.

Decrypting and verifying signatures
Suppose that Larry has received an encrypted file. The command used to decrypt it is. This will decrypt the document and verify the signature (if there is one).

Encrypting and decrypting without keys
It is possible to encrypt files using passwords instead of keys. The password itself will function as the key — it will be used as a symmetric cipher. The file can be encrypted using ; decrypting uses the same command mentioned above.

GnuPG will ask for a passphrase and a passphrase verification.

高度な機能
There are some nice advanced features in GnuPG. To find them, open the file.

Uncomment the two lines above. With this modification, any time GnuPG needs to check a signature and does not find the public key on the local keyring it will contact the key server at hkps://keys.gentoo.org in an attempt to fetch the public key from the server.

Another nice command is. This will contact the key server defined in the configuration file and refresh the public keys in the local keyring from there. It is capable of searching for revoked keys, new IDs, and new signatures on keys. It is a wise idea to run this command once or twice a month; if a user revokes their key this can provide a notification the key can no longer be trusted.

電子メールの署名
GnuPG を使用する機会の95%ほどが、送信する電子メールへの署名や暗号化、あるいは、受信した電子メールの検証や復号化です.

There are two ways two sign/encrypt a email with GnuPG, the old way and the new way. In the old way messages would appear in plain text, with no possible formatting and attached files would be unsigned/unencrypted. Here is an example of a message signed the old way:

Messages this way are not good in today's world, where there are nice GUIs and email readers that understand HTML.

To solve this an addition to the MIME (Multipurpose Internet Mail Extensions) was created. This adds a field to the email that tells the mail reader that the full content of the message is signed and/or encrypted. The problem with this is that not all mail readers support such features. Some even mess up the content (Microsoft's Outlook is famous for not working with this).

Kgpg
Kgpg is a wonderful GUI for GnuPG. The main screen provides an area to paste text to sign or encrypt. The reverse is also true: ASCII armored text to be decrypted can also be entered.

Seahorse
Seahorse aims to be a GnuPG GUI interface for the GNOME desktop. The software has been evolving fast, but it still lacks many important features that can be found in Kgpg or the command line version.

KMail
If the  USE flag is set, KMail will be compiled with gpg support, and will be able to encrypt and decrypt inline PGP mails automatically as well as encrypting OpenPGP/MIME mails. To decrypt OpenPGP/MIME mails (which most users want) a GPG agent must be running.

To verify if KMail is properly configured navigate to. A GpgME-based backend should be listed and the OpenPGP checkbox should be checked. If it is listed but grayed out, click on. If the GpgME-based backend remains grayed out, KMail is not working properly.

When unable to get KMail to behave, see the official KMail PGP page for more information.

Claws-Mail
Claws Mail is very fast with big mailboxes and works well with GPG. The only problem is that it does not work with the old PGP signatures.

To use a GPG key with Claws-Mail navigate to. Once there choose which key to use, most users should go with the default key.

Thunderbird
Thunderbird - since version 78 has built-in encryption, but it can be made to use system GnuPG.

クレジット
John Michael Ashley's GnuPG Handbook is a very good book for beginners.

Swift (Sven Vermeulen) for pushing me to re-write this.

Everyone in the team; you guys rock.

Tiago Serra for getting me back on the privacy track.

External resources

 * https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/ - An article explaining the creation of subkeys.
 * https://keys.openpgp.org/ - OpenPGP.org's PGP infrastructure. Key server is running the Hagrid keyserver software. Use hkps://keys.openpgp.org for accessing from.
 * https://keys.gentoo.org/ - Gentoo Infrastructure's official PGP key server.
 * https://sks-keyservers.net/ - Key servers ran by a former Gentoo developer.