Skyscraper

Wednesday, November 6, 2013

Listing & Managing Keys (Using GPG To Encrypt And Sign Your Data Part II)

Once the private and public keys have been created, GPG can list the contents of both the public and private rings
using "gpg --list-keys" and "gpg --list-secret-keys", as shown in the next image:



Sometimes keys need to be exchanged; GPG has its own tools for exporting and importing keys.

To export a key from the public ring to a plain text file, use the option --output; the option --armor creates
readable ASCII output, and "god@spam.com" is the user ID associated with the key.


To export a key from the private ring to a plain text file, use the option --output; the option --armor creates
readable ASCII output, and "god@spam.com" is the user ID associated with the key.


To import keys into the public or private ring, just use "gpg --import"; the program adds each key to the correct ring based on the header of the key.

Key imported to the public ring with the user ID jesus@spam.com (it was generated with GPG for Windows), as shown in the next image:


Key imported to the private ring with the user ID jesus@spam.com (it was generated with GPG for Windows), as shown in the next image:
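
The header that "gpg --import" relies on can also be read by hand before a key file is shared or imported. The script below is an added example, not code from the original post: the function names and the placeholder sample files are assumptions made for illustration, and export_public_checked uses gpg's --export command together with the --armor and --output options described above.

```bash
#!/usr/bin/env bash
# Added example, not from the original post: read the armor header of a key
# file, the same header "gpg --import" uses to choose the ring.

# Print one word per armored block in FILE: public, secret or other.
armor_block_types() {
    grep -e '^-----BEGIN PGP ' -- "$1" | tr -d '\r' | while IFS= read -r line; do
        case "$line" in
            '-----BEGIN PGP PUBLIC KEY BLOCK-----')  echo public ;;
            '-----BEGIN PGP PRIVATE KEY BLOCK-----') echo secret ;;
            *)                                       echo other ;;
        esac
    done
}

# Succeed only if FILE has at least one block and every block is public.
# A file with a secret block anywhere in it should not be handed out.
safe_to_share() {
    local types
    types=$(armor_block_types "$1")
    [ -n "$types" ] && ! printf '%s\n' "$types" | grep -qv '^public$'
}

# Export USER_ID's public key to OUT, then re-check the written file.
export_public_checked() {
    local user_id=$1 out=$2
    gpg --armor --output "$out" --export "$user_id" || return 1
    safe_to_share "$out" || { echo "refusing: $out is not public-only" >&2; return 1; }
}

# Constructed samples: real armor headers, placeholder bodies (not real keys).
make_samples() {
    local dir=$1
    printf '%s\r\n' '-----BEGIN PGP PUBLIC KEY BLOCK-----' '' 'cGxhY2Vob2xkZXI=' \
        '-----END PGP PUBLIC KEY BLOCK-----' > "$dir/pub.asc"   # CRLF, as from Windows
    printf '%s\n' '-----BEGIN PGP PRIVATE KEY BLOCK-----' '' 'cGxhY2Vob2xkZXI=' \
        '-----END PGP PRIVATE KEY BLOCK-----' > "$dir/sec.asc"
    cat "$dir/pub.asc" "$dir/sec.asc" > "$dir/mixed.asc"
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for f in pub sec mixed; do
    if safe_to_share "$demo_dir/$f.asc"; then echo "$f.asc: public only"
    else echo "$f.asc: contains non-public material"; fi
done
rm -rf "$demo_dir"
```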


The next entry shows how to encrypt and decrypt with GPG: http://davidalexandermejia.blogspot.com/2014/04/encrypt-decrypt-using-gpg-to-encrypt.html

Friday, May 31, 2013

Generating Keys (Using GPG To Encrypt And Sign Your Data Part I)

GPG is a GNU solution that can be used when we need to implement a PKI (Public Key Infrastructure) without the costs of something like PGP.

GPG is a multiplatform solution that can be used on Windows (command line) or Linux; this example runs on a Linux platform.

The option --gen-key can generate four kinds of keys; for our purpose, (1) RSA and RSA or (2) DSA and Elgamal are useful. In the next image, (1) RSA and RSA was chosen.


The program asks for the key length (between 1024 and 4096 bits) and the expiration time; a year or two is a common expiration period.

In the example, the keys are 2048 bits long and expire after 2 years.


The program asks for a name and an email address to identify the owner of the key, plus an optional comment. In the example, the user ID and the email address are the same (god@spam.com). After that, the program shows the options to change the name (N), comment (C) or email (E), to accept with Okay (O) and commit the changes, or to quit the program (Q).


After choosing (O)kay, the program asks for a passphrase to protect the private key. Depending on the length of the key, the program will need some time to generate the random numbers.


The keys and their signatures are created after the program finds the random numbers; finally, it saves the keys in the private and public rings of the gpg program.

The next entry shows how to list and manage the keys: http://davidalexandermejia.blogspot.com/2013/11/showing-managing-keys-using-gpg-to.html