Bingology - The Blog of Aaron 'BingoBoingo' Rogier

ADD7A9A28F85E5EF1F51904F309BB8D7F3251143
About | Contact | PGP Public Key | Archive
« New Spam Policy
This is a Horrible Year for NFL Picks »

Getting Started with GPG

I have mentioned this handy tool a number of times before, but I guess it is time to explain how to get started with GPG, the GNU Privacy Guard and create your first key pair.

The first step in this process is to identify what kind of operating system you are using. Generally you should find yourself to be running some flavor Windows, Mac, or *Nix. If you are using Windows or a Mac, you might want to consider giving some Linux or BSD flavor a spin during this exercise. The Open Source thing means if the system has been diddled, it is at least more likely to be discovered, eventually.

There is are a lot of decent guides out there. I'll link them, but come back here when it is time to generate the key. Here's one for Windows courtesy of the Enigmail team, Mac from Purdue's Engineering IT support, and while the different *nix systems have differing package managers the Ubuntu guide works well just subbing in the different distribution specific installation commands.

Once you have the software installed, get it started on the command line and ignore whatever key pair type your guide suggested. When you enter:

gpg --gen-key

and options pop up you want to choose RSA and RSA as your key type with 40961 being the key length. DSA and Elgamal is probably the wrong choice.

Once you've done that fill in the information, either for your actual identity or your pseudonym, and I recommend not setting an expiration date and planning to use a revocation certificate instead. Pick a passphrase you can lose, and you should have a key within a few seconds or minutes. Congratulations, now back that shit up to some media where you can ensure its physical security and generate a revocation certification to store with your backup. Maybe make several backups, but remember this physical security thing is important.

Later I'll write on things you can do with your key, but in the mean time plug your public key into the Phuctor2and maybe practice generating, backing up, and revoking keys for a bit before settling on your key. If the Phuctor finds issues with any keys generate a new one, but if it finds problems with a lot of your keys probably get a new3 machine and definitely set it up with some *nix or a different *nix system if you started this exercise the right way. Further if you keys continue being weak consider building GPG from the official source and skip pre-built binaries.4 Whatever you do with GPG eventually make sure you are taking the time to get comfortable with it before doing useful things like registering with Gribble.

Update: A new companion post explains the exercises mentioned here.

  1. If you are especially paranoid you may double this length, but 1024 is confirmed to be too short and do you really want your key to be next in line to be confirmed too short? Well, that would be why I'm not recommending 2046. [↩]
  2. Discussed earlier here: http://bingology.net/2013/10/22/a-cool-new-toy-for-public-keys/ [↩]
  3. By new, to you. In reality probably older per http://trilema.com/2013/how-to-airgap-a-practical-guide/#identifier_5_49997 [↩]
  4. For those who want to be sure of doing this the right way, this is probably what you should have done from the start. [↩]

This entry was posted on Thursday, October 24th, 2013 at 7:12 p.m. and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “Getting Started with GPG”

  1. The View From Here: 1st Edition | JBits says:
    October 25, 2013 at 8:02 a.m.

    […] Getting Started With GPG […]

    Reply
  2. Private Pains: Explaining a GPG Homework Assignment | Bingo Blog says:
    October 29, 2013 at 2:12 p.m.

    […] the recent post Getting Started with GPG we started with installing GNU Privacy Guard, Generating the right kind of key, and then doing some […]

    Reply
  3. Signature Thursday: Geany a GUI text editor for GPG tasks | Bingo Blog says:
    October 31, 2013 at 8:05 p.m.

    […] signature Thursday I offered information on getting started with GPG. Tuesday I offered some homework on getting comfortable with basic GPG key management tasks that […]

    Reply
  4. Private Pains: Explaining a GPG Homework Assignment « Bingology - BingoBoingo's Blog says:
    August 1, 2019 at 2:15 a.m.

    [...] the recent post Getting Started with GPG we started with installing GNU Privacy Guard, Generating the right kind of key, and then doing some [...]

    Reply

Leave a Reply

Click here to cancel reply.

 

It's still a pleasure to read bb prose. Both well researched and well written...

- Mircea Popescu

Recent Posts

  • Uruguay-SSR And The Hallucinated Seige
  • Introducing "The Montevideo Standard"
  • Qntra: A Plan For Action
  • A Homework Assignment From Diana_Coman: Trawling Ancient PMs Seeking What Worked For Early Qntra And Where I'm At On Scripting A Conversion Engine
  • Outreach Automation: A Call For Bids
  • Week 6 2020 Review - With Some Reflections On The Subject Of Feedback And Encountering Bots Blogging For Bots Nest
  • Photos From The Archives - January 20, 2011
  • Week 5 2020 Review - A Start To A Start
  • An Onramp For Contributing To Qntra - On Qntra
  • Week 4 2020 Review - Turning To Qntra

Recent Comments

  • Joe on Sports Team Fandoms as a Model Organism for Understanding Discourse
  • Alaskan Thunder Fuck on That One Agricultural Product And Uruguay
  • Aaron 'BingoBoingo' Rogier on Qntra: A Plan For Action
  • Aaron 'BingoBoingo' Rogier on Some FG Samples And Test Results
  • Mohammed nawar on Some FG Samples And Test Results
  • BetrugsRuehrerVow on Ceviche Theory And Practice
  • Aaron 'BingoBoingo' Rogier on Introducing "The Montevideo Standard"

Feeds

  • Posts RSS
  • Comments RSS


Tip Jar: 15eVXAW7k8uKc5moDFUSc9Y3jmHFAenNXo