GnuPG

From Gentoo Wiki
 As of March 3rd, 2015, the information in this article is probably outdated. You can help the Gentoo community by verifying and updating this article.

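This guide teaches the basics of using GnuPG, a tool for secure communication.

Introduction

What to expect from this guide

This guide assumes the reader is familiar with public-key cryptography, encryption and digital signatures. If that is not the case, see the official GnuPG handbook, chapter 2 in particular, and then come back to this article.

The reader will learn how to install GnuPG, create a key pair, add keys to a keyring, and submit a key to a key server. The reader will also learn how to sign, encrypt, verify and decrypt messages and files that are sent and received.

Installation

USE flags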

USE flags for app-crypt/gnupg: The GNU Privacy Guard, a GPL OpenPGP implementation

bzip2 Use the bzlib compression library
doc Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally
ldap Add LDAP support (Lightweight Directory Access Protocol)
nls Add Native Language Support (using gettext - GNU locale utilities)
readline Enable support for libreadline, a GNU line-editing library that almost everyone wants
selinux !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
smartcard Build scdaemon software. Enables usage of OpenPGP cards. For other type of smartcards, try app-crypt/gnupg-pkcs11-scd. Bring in dev-libs/libusb as a dependency; enable scdaemon.
ssl Add support for SSL/TLS connections (Secure Socket Layer / Transport Layer Security)
tofu Enable support for Trust on First use trust model; requires dev-db/sqlite.
tools Install extra tools (including gpgsplit and gpg-zip).
usb Build direct CCID access for scdaemon; requires dev-libs/libusb.
user-socket try a socket directory which is not removed by init manager at session end
wks-server Install the wks-server

Installing

root #emerge --ask app-crypt/gnupg

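Other software

At the very least, gnupg needs to be emerged. Many applications today have some sort of support for gpg, so having "crypt" in the USE variable is probably a good idea. If you want an email client that supports gnupg, you can use pine (emerge pinepgp), mutt (emerge mutt), Mozilla Thunderbird (emerge thunderbird), evolution (a GNOME application similar to Microsoft Outlook), or KDE's own KMail.

Usage

Generating a key and adding keys to the public keyring

Creating a key

To create your own key, just run gpg --gen-key. The first time it is run it will create some directories; run it again to create the key: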

user $gpg --gen-key
gpg (GnuPG) 1.0.7; Copyright (C) 2002 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
  
Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   Your selection? 1

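At this point you can choose the type of key you want to use. Most users will go for the default DSA and ElGamal. Next comes the key size; remember that bigger is better, but do not use a size larger than 2048 with DSA/ElGamal keys. For normal email, 2048 is more than enough.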

Gentoo developers (especially those working on ebuilds) are encouraged to use 4096-bit keys.

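After the key size, the expiry date of the key has to be specified. Here shorter is better, but most users go for a key that never expires or one that expires in 2 or 3 years.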


Now it is time to enter some personal information. If you are going to give your public key to other people, you must use your real email address here.


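Now enter your passphrase twice. Using a fairly complex passphrase is recommended: if someone gets hold of your private key and cracks your passphrase, they will be able to send messages signed in your name and make everyone believe the mail was sent by you.

Next, GnuPG will generate your key. Moving the mouse or playing an mp3 in the background will help speed up the process, because these actions help generate random data.

Generating a revocation certificate

Important
This section is very important and must be done NOW!

Whenever you create a key, you must also create a revocation certificate for it. If something bad happens to your key (for example, someone gets hold of your key and passphrase), you will only be able to revoke the key and make it invalid if you prepared this in advance.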

user $gpg --list-keys
/home/humpback/.gnupg/pubring.gpg
---------------------------------
pub  1024D/75447B14 2002-12-08 Larry the cow (Gentoo's own) <larry@gentoo.org>
sub  2048g/96D6CDAD 2002-12-08
user $gpg --output revoke.asc --gen-revoke 75447B14
sec  1024D/75447B14 2002-12-08   Larry the cow (Gentoo's own) <larry@gentoo.org>
  
Create a revocation certificate for this key? y
Please select the reason for the revocation:
  0 = No reason specified
  1 = Key has been compromised
  2 = Key is superseded
  3 = Key is no longer used
  Q = Cancel
(Probably you want to select 1 here)
Your decision? 1
Enter an optional description; end it with an empty line:
> Someone cracked me and got my key and passphrase
>
Reason for revocation: Key has been compromised
Someone cracked me and got my key and passphrase
Is this okay? y
  
You need a passphrase to unlock the secret key for
user: "Larry the cow (Gentoo's own) <larry@gentoo.org>"
1024-bit DSA key, ID 75447B14, created 2002-12-08
  
ASCII armored output forced.
Revocation certificate created.
  
Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable.  But have some caution:  The print system of
your machine might store the data and make it available to others!

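The gpg --list-keys command lists all the public keys in your public keyring. You can use it to look up the ID of your key and then generate the revocation certificate for that key. It is now a good idea to copy the .gnupg directory and the revocation certificate (in ASCII armor, revoke.asc) to some secure medium (two floppies or a CD-R, stored in a safe place). Remember that revoke.asc can be used in the future to revoke the key and make it invalid.

Note
If you want to use the same key with several email addresses, you can run gpg --edit-key YOUR_ID and use the adduid command. It will ask for the name, email address and comment to use in the second ID.

Exporting keys

To export your key, type gpg --armor --output john.asc --export john@nowhere.someplace.flick. You can always use the key ID or anything else that uniquely identifies the key as the argument (here we used an email address). John now has john.asc. He can send this file to his friends or put it on his web page so that people can communicate with him securely.

Importing keys

To add a file to your public keyring, you must first import it and then verify the key's fingerprint. After verifying the fingerprint, you still need to validate the key.

Note
Be careful when verifying keys. This is one of the weak points of public-key cryptography.

Now we will add the public key of Luis Pinto (a friend of mine) to my public keyring. After giving him a call and asking for the fingerprint of his key, I carefully compared it with the output of the fpr command. Having confirmed that the key is authentic, I add it to my public keyring. This particular key expires on 2003-12-01, so I am asked whether my signature should expire on the same day.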

user $gpg --import luis.asc
gpg: key 462405BB: public key imported
gpg: Total number processed: 1
gpg:               imported: 1
user $gpg --list-keys
/home/humpback/.gnupg/pubring.gpg
---------------------------------
pub  1024D/75447B14 2002-12-08 John Doe (The Real John Doe) <john@nowhere.someplace.flick>
sub  2048g/96D6CDAD 2002-12-08
  
pub  1024D/462405BB 2002-12-01 Luis Pinto <lmpinto@student.dei.uc.pt>
uid                            Luis Pinto <lmpinto@dei.uc.pt>
sub  4096g/922175B3 2002-12-01 [expires: 2003-12-01]
user $gpg --edit-key lmpinto@dei.uc.pt
gpg (GnuPG) 1.0.7; Copyright (C) 2002 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
  
gpg: checking the trustdb
gpg: checking at depth 0 signed=0 ot(-/q/n/m/f/u)=0/0/0/0/0/1
pub  1024D/462405BB  created: 2002-12-01 expires: 2003-12-01 trust: -/-
sub  4096g/922175B3  created: 2002-12-01 expires: 2003-12-01
(1)  Luis Pinto <lmpinto@dei.uc.pt>
(2). Luis Pinto <lmpinto@student.dei.uc.pt>
Command>fpr
pub  1024D/462405BB 2002-12-01 Luis Pinto <lmpinto@dei.uc.pt>
             Fingerprint: F056 3697 ADE3 CF98 B80B  8494 0AD3 E57B 4624 05BB
Command>sign
Really sign all user IDs? y
                           
pub  1024D/462405BB  created: 2002-12-01 expires: 2003-12-01 trust: -/-
             Fingerprint: F056 3697 ADE3 CF98 B80B  8494 0AD3 E57B 4624 05BB
  
     Luis Pinto <lmpinto@dei.uc.pt>
     Luis Pinto <lmpinto@student.dei.uc.pt>
  
This key is due to expire on 2003-12-01.
Do you want your signature to expire at the same time? (Y/n) Y
How carefully have you verified the key you are about to sign actually belongs
to the person named above?  If you don't know what to answer, enter "0".
  
   (0) I will not answer. (default)
   (1) I have not checked at all.
   (2) I have done casual checking.
   (3) I have done very careful checking.
  
   Your selection? 3
Are you really sure that you want to sign this key
with your key: "John Doe (The Real John Doe) <john@nowhere.someplace.flick>"
  
I have checked this key very carefully.
  
Really sign? y
              
You need a passphrase to unlock the secret key for
user: "John Doe (The Real John Doe) <john@nowhere.someplace.flick>"
1024-bit DSA key, ID 75447B14, created 2002-12-08
Command>check
uid  Luis Pinto <lmpinto@dei.uc.pt>
sig!3       462405BB 2002-12-01   [self-signature]
sig!3       75447B14 2002-12-08   Larry the cow (Gentoo's own) <larry@gentoo.org>
uid  Luis Pinto <lmpinto@student.dei.uc.pt>
sig!3       462405BB 2002-12-01   [self-signature]
sig!3       75447B14 2002-12-08   Larry the cow (Gentoo's own) <larry@gentoo.org>
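
The fingerprint comparison described above, as an added example that is not part of the original guide: the shell functions below read gpg's machine-readable listing (gpg --with-colons --fingerprint) and accept a key only when the full 40-digit primary-key fingerprint equals the one obtained over the phone. The sample listing is constructed around the fingerprint shown in the session above; the subkey record, the timestamps and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original guide): accept an imported key only if
# its full primary-key fingerprint matches the one obtained out-of-band.

# Constructed sample of `gpg --with-colons --fingerprint lmpinto@dei.uc.pt`.
# The primary fingerprint is the one shown in the session above; the subkey
# record and the timestamps are made up for illustration.
SAMPLE_LISTING='pub:-:1024:17:0AD3E57B462405BB:1038700800:1070236800::-:::scESC:
fpr:::::::::F0563697ADE3CF98B80B84940AD3E57B462405BB:
uid:-::::1038700800::::Luis Pinto <lmpinto@dei.uc.pt>:
sub:-:4096:16:0000000A922175B3:1038700800:1070236800:::::e:
fpr:::::::::A1A1A1A1A1A1A1A1A1A1A1A10000000A922175B3:'

# Strip spaces, tabs, newlines and colons, then upper-case the hex digits, so
# "F056 3697 ..." as read over the phone compares equal to gpg's compact form.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' \t\n:' | tr 'abcdef' 'ABCDEF'
}

# Print the fingerprint of the first primary key in a colon listing on stdin.
# An "fpr" record belongs to the most recent pub/sec (primary) or sub/ssb
# (subkey) record; field 10 carries the fingerprint.
primary_fpr() {
    awk -F: '
        $1 == "pub" || $1 == "sec" { primary = 1; next }
        $1 == "sub" || $1 == "ssb" { primary = 0; next }
        $1 == "fpr" && primary     { print $10; exit }
    '
}

# check_fpr LISTING EXPECTED
# Returns 0 on an exact match, 1 on a mismatch, and 2 when EXPECTED is not a
# full 40-hex-digit fingerprint (an 8-digit key ID is too short to pin a key).
check_fpr() {
    expected=$(normalize_fpr "$2")
    case "$expected" in
        ''|*[!0-9A-F]*) return 2 ;;
    esac
    [ "${#expected}" -eq 40 ] || return 2
    actual=$(printf '%s\n' "$1" | primary_fpr)
    [ -n "$actual" ] && [ "$actual" = "$expected" ]
}

# Demonstration on the constructed listing.
if check_fpr "$SAMPLE_LISTING" "F056 3697 ADE3 CF98 B80B  8494 0AD3 E57B 4624 05BB"; then
    echo "fingerprint matches: the key can be signed"
else
    echo "fingerprint does NOT match: do not sign" >&2
fi
```

With a real keyring, pass the output of gpg --with-colons --fingerprint for the imported key as the first argument instead of the sample listing.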

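Exchanging keys with key servers

Sending keys to key servers

Now that you have your own key, it is a good idea to send it to the key servers around the world. There are many key servers, and most of them exchange keys with each other. Here we will send John Doe's key to the subkeys.pgp.net server. This uses HTTP, so if you need a proxy for HTTP traffic, do not forget to set it (export http_proxy=http://proxy_host:port/). The command for sending the key is gpg --keyserver subkeys.pgp.net --keyserver-options honor-http-proxy --send-key 75447B14, where 75447B14 is the key ID. If you do not need an HTTP proxy, remove the "--keyserver-options honor-http-proxy" option.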

user $gpg --keyserver keys.gnupg.net --keyserver-options honor-http-proxy --send-key 75447B14

Here 75447B14 is the ID of the key you would like to send. If an HTTP proxy is not needed, the --keyserver-options honor-http-proxy option can be removed.

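You can also send other people's keys that you have signed to the key server. For example, we could send Luis Pinto's key. That way, people who trust your key can use the signature you uploaded to trust Luis's key as well.

Getting keys from key servers

Now, as an example, we will search for Gustavo Felisberto's key and add it to John Doe's public keyring (in case you had not noticed, Gustavo Felisberto is the author of this guide :)).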

user $gpg --keyserver keys.gnupg.net --keyserver-options honor-http-proxy --search-keys humpback@felisberto.net
gpg: searching for "humpback@felisberto.net" from hkp server keys.gnupg.net
(1)	Gustavo Felisberto <humpback@gmail.com>
	Gustavo Felisberto <humpback@gentoo.org>
	Gustavo Felisberto <humpback@gentoopt.org>
	Gustavo Felisberto <gustavo@felisberto.net>
	Gustavo Felisberto <humpback@gentoo-pt.org>
	Gustavo Felisberto <humpback@felisberto.net>
	Gustavo Felisberto <gustavo@student.dei.uc.pt>
	Gustavo Felisberto <humpback@student.dec.uc.pt>
	Gustavo Felisberto (apt-get install anarchy) <humpback@felisberto.net>
	  1024 bit DSA key B9F2D52A, created: 2002-12-06
(2)	Gustavo Adolfo Silva Ribeiro Felisberto <humpback@altavista.net>
	  1024 bit DSA key 26471D8F, created: 2001-09-05
(3)	Gustavo Felisberto <humpback@altavista.net>
	  1024 bit DSA key E97E0B46, created: 1999-08-04, expires: 2000-08-04 (expired)
(4)	Gustavo A.S.R. Felisberto <humpback@altavista.net>
	  1024 bit DSA key B59AB043, created: 1998-12-10
(5)	Gustavo Adolfo Silva Ribeiro Felisberto <humpback@altavista.net>
	  1024 bit DSA key 39EB133D, created: 1998-08-27
(6)	Gustavo Adolfo Silva Ribeiro Felisberto <humpback@altavista.net>
	  1024 bit DSA key AE02AF87, created: 1998-06-15
Enter number(s), N)ext, or Q)uit > 1
gpg: requesting key B9F2D52A from hkp server keys.gnupg.net
gpg: key B9F2D52A: public key "Gustavo Felisberto <humpback@felisberto.net>" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, classic trust model
gpg: depth: 0  valid:   4  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 4u
gpg: next trustdb check due at 2015-06-28
gpg: Total number processed: 1
gpg:               imported: 1

The server response shows that a few keys have been submitted to the key server; however, only B9F2D52A is used. Now Larry the cow can get the key and sign it if he trusts it.

Using a GPG agent

What is a GPG agent?

Sometimes working with certain applications requires the frequent use of a GPG key, which means that a passphrase must be frequently entered. In the past many applications supported a passphrase caching mechanism. This would make life easier for users because passphrases were automatically entered. However, this disallowed sharing this cache across programs (how secure would that be?) and forced applications to reinvent the wheel over and over again.

A GPG agent is a separate application that GPG uses to cache the passphrase in a standard and secure way. It allows applications to use GPG concurrently: if the passphrase is entered while working in one application, the other application can work with GPG without needing to unlock the key again — if the GPG Agent is configured to allow this, of course.

Gentoo provides a few GPG agent applications. The app-crypt/gnupg package contains what could be considered the reference one, and will be the primary choice used in this article.

Configuring gpg-agent and pinentry

GnuPG includes gpg-agent. Pinentry (app-crypt/pinentry) is a helper application that gpg-agent uses to request the passphrase in a graphical window. It comes in many flavors including gtk2 and 3, qt5, tty and curses. It is recommended to always build the ncurses version. Set USE flags accordingly.

If app-crypt/pinentry was installed with more than one popup window type, it is possible to choose between the windows with the eselect pinentry command:

root #eselect pinentry list
Available pinentry binary implementations:
  [1]   pinentry-gnome3 *
  [2]   pinentry-gtk-2
  [3]   pinentry-curses
  [4]   pinentry-tty
root #eselect pinentry set pinentry-curses

Eselect will change the symlink of /usr/bin/pinentry to the appropriate pinentry helper. Now create a file called ~/.gnupg/gpg-agent.conf and add the following lines to define the default timeout of the passphrase (e.g. 30 minutes) and the application to be called when the passphrase needs to be retrieved (e.g. the GTK+ version of Pinentry).

FILE ~/.gnupg/gpg-agent.conf
pinentry-program /usr/bin/pinentry
no-grab
default-cache-ttl 1800

Now configure GnuPG to use an agent when appropriate. Edit ~/.gnupg/gpg.conf and add the following line:

FILE ~/.gnupg/gpg.conf: Configuring GnuPG to use a GPG agent
use-agent

Now the system is almost ready to use the GPG agent.

Changing pinentry for SSH logins

If you use the gpg-agent over SSH, a graphical pinentry password prompt will not come up in the login shell. This causes all operations that require a password to fail. If you add the following snippet to your ~/.bash_profile, the gpg-agent uses a curses password prompt in your current SSH shell instead. The snippet does not affect the pinentry settings when using local shells.

FILE ~/.bash_profile: Use curses pinentry for SSH logins
export GPG_TTY=$(tty)
if [[ -n "$SSH_CONNECTION" ]] ;then
    export PINENTRY_USER_DATA="USE_CURSES=1"
fi

Automatically starting the GPG agent

If KDE is used as the desktop environment, edit /etc/plasma/startup/10-agent-startup.sh (system-wide, for KDE4 /etc/kde/startup/agent-startup.sh) or ~/.config/plasma-workspace/env/gpg-agent.sh (local user, ~/.kde4/env/gpg-agent.sh in KDE4). Add the following command to the appropriate file to have KDE automatically start the GPG Agent:

FILE /etc/plasma/startup/10-agent-startup.sh: Make Plasma automatically start the GPG agent
if [ -x /usr/bin/gpg-agent ]; then
 eval "$(/usr/bin/gpg-agent --daemon)"
fi

Additionally, uncomment the following lines in /etc/plasma/shutdown/10-agent-shutdown.sh (system-wide, /etc/kde/shutdown/agent-shutdown.sh in KDE4) or add it to ~/.config/plasma-workspace/shutdown/gpg-agent.sh (local user, ~/.kde4/shutdown/gpg-agent.sh in KDE4):

FILE /etc/plasma/shutdown/10-agent-shutdown.sh: Have Plasma shut down the GPG agent
if [ -n "${GPG_AGENT_INFO}" ]; then
  kill $(echo ${GPG_AGENT_INFO} | cut -d':' -f 2) >/dev/null 2>&1
fi

When using a desktop environment other than KDE, put the above lines in ~/.xinitrc if startx is used to start X.org or ~/.xsession if XDM, GDM, KDM, etc. are used.

Working with documents

Encrypting and signing

Let's say that Larry has a file he wishes to send Luis. Larry can encrypt it, sign it, or encrypt and sign it. Encrypting means that only Luis will be able to open it. The signature tells Luis that it was really Larry who created the file.

To encrypt:

user $gpg --output doc.gpg --encrypt --recipient lmpinto@dei.uc.pt doc_to_encrypt

To sign:

user $gpg --output doc.gpg --sign doc_to_sign

To encrypt and sign:

user $gpg --output doc.gpg --encrypt --sign --recipient lmpinto@dei.uc.pt doc_to_encrypt_and_sign

This will create binary files. To create ASCII files, just add the --clearsign option to the beginning of the command.

Decrypting and verifying signatures

Suppose that Larry has received an encrypted file. The command used to decrypt it is gpg --output document --decrypt encrypted_doc.gpg. This will decrypt the document and verify the signature (if there is one).

Encrypting and decrypting without keys

It is possible to encrypt files using passwords instead of keys. The password itself will function as the key: it will be used as the key for a symmetric cipher. The file can be encrypted using gpg --symmetric; decrypting uses the same command mentioned above.

user $gpg --output document.gpg --symmetric document

GnuPG will ask for a passphrase and a passphrase verification.

Advanced features

There are some nice advanced features in GnuPG. To find them, open the ~/.gnupg/gpg.conf file.

FILE ~/.gnupg/gpg.conf
#keyserver x-hkp://keys.gnupg.net
#keyserver-options auto-key-retrieve include-disabled include-revoked

Uncomment the two lines above. With this modification, any time GnuPG needs to check a signature and does not find the public key on the local keyring it will contact the key server at keys.gnupg.net in an attempt to fetch the public key from the server.

Another nice command is gpg --refresh-keys. This will contact the key server defined in the configuration file and refresh the public keys in the local keyring from there. It is capable of searching for revoked keys, new IDs, and new signatures on keys. It is a wise idea to run this command once or twice a month; if a user revokes their key this can provide a notification the key can no longer be trusted.

GnuPG interfaces

About email signatures

95% of the time GnuPG is used with email by signing/encrypting outgoing messages or reading signed/encrypted messages.

There are two ways to sign/encrypt an email with GnuPG, the old way and the new way. In the old way, messages would appear in plain text with no possible formatting, and attached files would be unsigned/unencrypted. Here is an example of a message signed the old way:

CODE A plain text signature
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
  
Test message
  
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use
  
iQA/AwUBP8461jMX0745gR7AEQIEOwCg011GbufXO3ED3FkLWXmfzg7xm1cAoJD0
0EU3Kd2EKNCqataEqM5qjpPs
=LchZ
-----END PGP SIGNATURE-----

Messages signed this way are not well suited to today's world, where there are nice GUIs and email readers that understand HTML.

To solve this, an addition to MIME (Multipurpose Internet Mail Extensions) was created. This adds a field to the email that tells the mail reader that the full content of the message is signed and/or encrypted. The problem with this is that not all mail readers support such features. Some even mess up the content (Microsoft's Outlook is famous for not working with this).

Kgpg

Kgpg (kde-base/kmail) is a wonderful GUI for GnuPG. The main screen provides an area to paste text to sign or encrypt. The reverse is also true: ASCII armored text to be decrypted can also be entered.

Seahorse

Seahorse (app-crypt/seahorse) aims to be a GnuPG GUI interface for the GNOME desktop. The software has been evolving fast, but it still lacks many important features that can be found in Kgpg or the command line version.

KMail

If the crypt USE flag is set, KMail will be compiled with gpg support, and will be able to encrypt and decrypt inline PGP mails automatically as well as encrypting OpenPGP/MIME mails. To decrypt OpenPGP/MIME mails (which most users want) a GPG agent must be running.

To verify if KMail is properly configured navigate to Settings → Configure KMail → Security → Crypto Backends. A GpgME-based backend should be listed and the OpenPGP checkbox should be checked. If it is listed but grayed out, click on Rescan. If the GpgME-based backend remains grayed out, KMail is not working properly.

When unable to get KMail to behave, see the official KMail PGP page for more information.

Claws-Mail

This mail client is very fast with big mailboxes, has all the nice features one wants in mail readers and works well with GPG. The only problem is that it does not work with the old PGP signatures, so when receiving that kind of mail the signatures must be hand-checked.

To use a GPG key with Claws-Mail, navigate to account configuration → privacy tab. Once there, choose which key to use; most users should go with the default key.

Thunderbird

Thunderbird users can use the crypt USE flag to enable encryption support with Enigmail.

Final thoughts and credits

Credits

John Michael Ashley's GnuPG Handbook is a very good book for beginners.

Swift (Sven Vermeulen) for pushing me to re-write this.

Everyone in the #gentoo-doc team; you guys rock.

Tiago Serra for getting me back on the privacy track.

External resources

  • https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/ - An article explaining the creation of subkeys.

This page is based on a document formerly found on our main website gentoo.org.
The following people contributed to the original document: Gustavo Felisberto, John P. Davis,
They are listed here because wiki history does not allow for any external attribution. If you edit the wiki article, please do not add yourself here; your contributions are recorded on each article's associated history page.