All linux commands are in italic text (excepted in step 5)
(Since october 2017 the 4th) Rene Paul Mages (ramix) fingerprint is : 0E53 808A 4AB3 8DF8 2679 2EEB B8CF 35A4 9840 A6F7
http://ffii.fr/ramix/gnupg/0xB8CF35A49840A6F7.asc
https://www.gnupg.org/ftp/gcrypt/gnupg/GnuPG-FAQ.txt
https://tinyurl.com/RenePaulMagesPublicGnuPGkey
http://nosoftwarepatents.wikidot.com/cryptography
https://linuxcommandlibrary.com/man/gpg2
https://lists.gnupg.org/pipermail/gnupg-users/
https://linuxfr.org/news/bien-demarrer-avec-gnupg
https://en.wikipedia.org/wiki/Werner_Koch
GnuPG is a complete and free replacement for PGP.
https://en.wikipedia.org/wiki/GNU_Privacy_Guard
Because it does not use the patented IDEA algorithm, it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application.
GnuPG is Free Software . GnuPG can be freely used, modified and distributed under the terms of the GNU General Public License.
PGP, on which OpenPGP is based, was originally developed by Philip Zimmermann in the early 1990s.
Project Aegypten provides Sphinx-Clients (Mutt, KMail, …) compatible to S/MIME within a GnuPG framework. Within this project a few new tools have been developed, most notably "gpgsm" as the S/MIME counterpart of "gpg".
Here are some key features of "GnuPG":
· Full replacement of PGP.
· Does not use any patented algorithms.
· GPLed, written from scratch.
· Can be used as a filter program.
· Full OpenPGP implementation (see RFC2440 at RFC Editor ).
· Better functionality than PGP and some security enhancements over PGP 2.
· Supports ElGamal, DSA, RSA, AES, 3DES, Blowfish, Twofish, CAST5, MD5, SHA-1, RIPE-MD-160 and TIGER.
· Easy implementation of new algorithms using extension modules.
· The User ID is forced to be in a standard format.
· Supports key and signature expiration dates.
· English, Danish, Dutch, Esperanto, Estonian, French, German, Japanese, Italian, Polish, Portuguese (Brazilian), Portuguese (Portuguese), Russian, Spanish, Swedish and Turkish language support.
· Online help system.
· Optional anonymous message receivers.
· Integrated support for HKP keyservers (wwwkeys.pgp.net).
· Clears signed patch files which can still be processed by patch.
· and many more things….
step 0
first you have to :
- read these documents :
- verify if gnupg is installed or not on your machine. in the not case you must be root on your Debian/Linux machine in this step :
- apt install gnupg2
step 1
not necessary to be root in this step
- gpg2 --full-gen-key
an example
- real name : Etienne Dupont
- email address : gro.ximar|tnopud.enneite#gro.ximar|tnopud.enneite
- password : ActivisteDepuisMai2003
1024 bits is no more a good size for you key
2048 bits is a good size for your key
4096 bits is a very good size for your key
please see : http://lists.gnupg.org/pipermail/gnupg-users/2006-August/029156.html
DSA et ElGamal (by default) is a good choice
The keys validity period is a delicate issue (see google); a period of five years is a good choice.
step 2
you have
- to generate a revocation certificate : gpg2 --output revoke.asc --gen-revoke Etienne
- to save the /.gnupg directory (and all its files) on a usb key or (best) to burn it on a CDrom
- to write (in not clear way) your password on a fixed book of your personnal bookshelf
step 3
your fingerprint can be write on your visiting card :
- gpg2 --fingerprint
- for example : 0E53 808A 4AB3 8DF8 2679 2EEB B8CF 35A4 9840 A6F7
your public key can be send to a key server ( pgp.mit.edu for example ) :
- gpg2 --keyserver pgp.mit.edu --send-keys 0x9840A6F7
- you have note that 9840A6F7 are the 4 last bytes of the fingerprint
you can import a public key from a key server ( pgp.mit.edu for example ) :
- gpg2 --keyserver pgp.mit.edu --recv-key 0x9840A6F7
- gpg2 --list-keys to verify the importation
step 4
to use gnupg with your MUA you have to follow this path :
- for thunderbird : http://enigmail.mozdev.org
- for Kmail : no info available for now
- for Emacs : http://www.emacswiki.org/cgi-bin/wiki/EasyPG
- for Gnus : http://www.suse.de/~garloff/Writings/mutt_gpg/node18.html
- for Mutt : http://codesorcery.net/old/mutt/mutt-gnupg-howto
step 5
Practice makes perfect …
{{
man gpg2
gpg2 --delete-keys 0x2CC455D9 (Cette commande supprime la clef 0x2CC455D9 du trousseau de clefs)
gpg2 --list-public-keys
gpg2 --keyserver ha.pool.sks-servers.net --refresh-keys
gpg2 --keyserver keys.gnupg.net --refresh-keys
gpg2 --keyserver keyring.debian.org --recv-keys 0x9840A6F7
gpg2 --keyserver keyserver.ubuntu.com --refresh-keys
gpg2 --keyserver keyserver.ubuntu.com --recv-keys 0x9840A6F7
gpg2 --finger 0x9840A6F7
gpg2 --sign-key 0x9840A6F7
gpg2 --edit-key 0x9840A6F7
gpg2 --keyserver keyserver.ubuntu.com --send-keys 0x9840A6F7
gpg2 --keyserver keyserver.ubuntu.com --send-keys (absolutely NO effect)
gpg2 --list-public-keys
gpg2 --list-sigs 0x9840A6F7
gpg2 --export -a 0x9840A6F7 > renepaul9840A6F7.key
gpg2 --import -a renepaul9840A6F7.key
gpg2 --import -a --import-options merge-only renepaul9840A6F7.key
cat renepaul9840A6F7.key
gpg2 -er rene test.txt
gpg2 --armor -er rene test.txt
gpg2 --clearsign message.txt > message.txt.asc
gpg2 --output revoke.asc --gen-revoke 0xABCDABCD
gpg2 --verify message.txt
gpg2 --decrypt message.txt.asc > message.txt
gpg2 --local-user 0x5A17505A --decrypt message.txt.asc >message.txt
gpg2 -e MotsDePasse.txt > MotsdePasse.txt.gpg
gpg2 -d MotsDePasse.txt.gpg > MotsdePasse.txt
}}
Miscellaneous Links
- https://lists.gnupg.org/mailman/listinfo/gnupg-users
- https://lists.gnupg.org/pipermail/gnupg-users/2022-February/065891.html
- https://lists.gnupg.org/pipermail/gnupg-devel/
- https://gnupg.org
- https://gnupg.org/signature_key.html
- https://gnupg.org/people/index.html
- https://gnupg.org/ftp/people/
- https://gnupg.org/gph/fr/manual.pdf
- https://gnupg.org/documentation/howtos.html
- https://gnupg.org/documentation/guides.html
- https://wiki.gnupg.org/RecentChanges
- https://www.gnupg.org/howtos/fr/GPGMiniHowto.html
- https://gnupg.org/related_software/pinentry/index.html
- https://www.gnupg.org/faq/gnupg-faq.html
- https://gnupg.org/ftp/people/neal/tofu.pdf
- https://www.drgeek.fr/tutoriels/article/debian-gnupg/
- http://mathgen.ch/cours/crypto/cryptoetlinux.pdf
- https://keyring.debian.org/
- https://keys.openpgp.org/
- https://keyserver.ubuntu.com
- https://emailselfdefense.fsf.org/fr/
- https://twitter.com/gnupg
- https://twitter.com/lambdafu
- https://lists.gnupg.org/mailman/listinfo
- https://lists.gnupg.org/mailman/listinfo/gnupg-users
- http://www-public.imtbs-tsp.eu/~maigron/PGP/
- http://www.bibmath.net/forums/viewtopic.php?id=6389
- http://www.marcus-brinkmann.de/
- http://wiki.partipirate.fr/images/c/c4/Tuto_OpenPGP_Thunderbird.pdf
- https://2015.rmll.info/IMG/pdf/an-advanced-introduction-to-gnupg.pdf
- https://help.riseup.net/fr/security/message-security/openpgp/best-practices
- http://www.g10code.com/
- http://g10code.com/gnupg-donation.html
- https://gnupg.com/
- https://werner.eifzilla.de/
- http://en.wikipedia.org/wiki/Werner_Koch
- http://schestowitz.com/PGP/
- https://blog.genma.fr/?Clef-GPG-et-le-certificat-de-revocation
- https://www.guckes.net/talks/gpg_intro.txt
- https://www.apache.org/dev/key-transition.html
- https://www.enigmail.net/
- https://www.enigmail.net/index.php/en/support
- http://werner.eifelkommune.de
- http://www.wassenaar.org
- http://www.keylength.com
- http://gpgtools.org
- http://weusepgp.info
- https://www.enigmail.net
- http://fr.wikibooks.org/wiki/GPG
- http://sourceforge.net/p/enigmail/forum/
- http://www.crium.univ-metz.fr/docs/securite/gpg/
- http://www.rvq.fr/linux/filecrypt.php
- http://www.root66.net/public/Documents/Gnupg-002.pdf
- http://linux-attitude.fr/post/cryptographie
- https://keys.openpgp.org/about/usage
- http://www.desktoplinux.com/articles/AT3341468184.html
- http://www.rossde.com/PGP/pgp_keyserv.html
- http://www.gnupg.org/documentation/mailing-lists.html
- http://openpgp.vie-privee.org
- http://openpgp.vie-privee.org/mac.html
- http://openpgp.vie-privee.org/pingouin20010920.txt
- http://openpgp.vie-privee.org/gnupg-faq-fr.html
- https://securityinabox.org/fr/thunderbird_utiliserenigmail
- https://riseup.net/fr/security/message-security/openpgp/gpg-best-practices
- https://keyserver.ubuntu.com
- http://pgp.mit.edu/
- http://pgp.cs.uu.nl/
- https://keys.openpgp.org
- https://keyserver.pgp.com
- https://pgp.key-server.io/
- https://sks-keyservers.net
- https://pgp.ocf.berkeley.edu/
- http://pgp.surfnet.nl
- http://keys.andreas-puls.de/pks/lookup?op=stats
- http://keys2.andreas-puls.de/pks/lookup?op=stats
- http://keys3.andreas-puls.de/pks/lookup?op=stats
- http://pgp.cyberbits.eu/pks/lookup?op=stats
- http://pgp.re:11371/pks/lookup?op=stats
- https://pgpkeys.eu/pks/lookup?op=stats
- https://keybath.trifence.ch/pks/lookup?op=stats
- https://keyserver.trifence.ch/pks/lookup?op=stats
- https://www.techrepublic.com/article/how-to-easily-encryptdecrypt-a-file-in-linux-with-gpg/
- https://davesteele.github.io/gpg/2014/09/20/anatomy-of-a-gpg-key/
- https://futureboy.us/pgp.html
- https://www.kernel.org/doc/html/latest/process/maintainer-pgp-guide.html
- https://www.t-dose.org/node/1051
- http://www.guckes.net/talks/gpg_intro.txt
- http://www.guckes.net
- http://fa.vdb.free.fr/GPG/GnuPG2.txt
- http://www.rossde.com/PGP/pgp_keyserv.html
- http://www.macfreek.nl/memory/Convert_GPG_keys_to_subkeys
- http://doc.ubuntu-fr.org/gnupg
- https://help.ubuntu.com/community/GnuPrivacyGuardHowto
- https://people.debian.org/~lunar/blog/posts/ksp_keyserver/
- http://keyring.debian.org/
- http://wiki.debian.org/subkeys
- http://www.faqs.org/faqs/pgp-faq/part1/
- https://fosdem.org/2014/keysigning/
- http://www.debian.org/events/keysigning.fr.html
- http://lists.debian.org/debian-l10n-french/2009/10/msg00060.html
- http://wiki.lm7.fr/index.php/GnuPG
- http://doc.fedora-fr.org/wiki/GnuPG_:_Signature_et_Chiffrement
- http://lea-linux.org/documentations/Reseau-secu-gpg-intro
- http://ferry.eof.eu.org/lesjournaux/jar/public_html/x6055.html
- http://www.webstrat.fr/blog/web-technology/crypter-vos-donnees-avec-gnupg-sous-linux-ubuntu
- http://blog.rom1v.com/2009/05/gnupg-chiffrer-et-signer-sous-ubuntu-pour-les-nuls/
- http://ferry.eof.eu.org/lesjournaux/jar/public_html/x6055.html
- https://www.startmail.com/en/
- http://gpglinux.free.fr/
- http://gpglinux.free.fr/gpg.pdf
- https://rmll.ubicast.tv/videos/crypto_13679_40041/
- http://www.framasoft.net/IMG/tb-enigmail.pdf
- http://www.revoltenumerique.herbesfolles.org/2011/07/13/comment-chiffrer-ses-e-mails/
- https://math-linux.com/linux-2/commande-du-jour/article/comment-crypter-decrypter-un-fichier-ou-un-repertoire-sous-linux
- http://cryptnet.net/
- http://cryptnet.net/people/vab/blogs/cryptowatch/
- http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html
- http://wiki.lm7.fr/index.php/GnuPG
- http://wiki.ombrenoire.net/Debian_-_GPG
- https://www.cryptoparty.fr
- https://evil32.com
- https://getbutterfly.com/gpg-pgp-tutorial/
- http://www.debian.org/events/keysigning.fr.html
- http://www.debian.org/events/keysigning.en.html
- http://www.chaosreigns.com/code/sig2dot/links.html
- http://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/
- http://www.hardmac.com/news/2010/03/08/rsa-1024-bits-key-encryption-cracked
- http://www.gnupg.org/gph/fr/manual.html
- https://wiki.debian.org/GnuPG
- http://www.sharevb.net/GPG-PGP-signer-et-crypter-vos.html
- http://www.francoz.net/doc/gpg/
- https://www.arg0.net/
- http://www.prog-info.org/chat/votresalon.php
- http://www.webstrat.fr/blog/web-technology/crypter-vos-donnees-avec-gnupg-sous-linux-ubuntu
- http://www.unixgarden.com/index.php/securite/gnupg-pour-plus-de-confidentialite
- http://www.revoltenumerique.herbesfolles.org/2011/07/13/comment-chiffrer-ses-e-mails/
- http://dominique.guebey.club.fr/tekno/securite/gnupgcde.htm
- http://www.bashprofile.net/article.php3?id_article=397
- http://laurent.flaum.free.fr/pgpintrofr.htm
- http://clx.anet.fr/spip/article.php3?id_article=66
- http://blog.uggy.org/post/2006/05/28/95-chiffrer-en-symetrique-avec-gpg
- http://mbourgeois.developpez.com/articles/securite/pgp/initiation_a_pgp.pdf
- http://www.spywarewarrior.com/uiuc/gpg/gpg-com-0.htm
- http://www.gnupg.org/howtos/fr/GPGMiniHowto-6.html
- http://linux.about.com/library/cmd/blcmdl1_gpg.htm
- https://wiki.ubuntu.com/KeySigningParty
- https://tinyurl.com/MerciRonanQuennec (exporter et sauvegarder les clefs)
- https://www.nextinpact.com/article/30133/108640-gnupg-2-2-20-simplifie-gestion-cles-publiques-des-premier-contact-comment-ca-marche
- https://net-security.fr/security/gnupg-introduction-cheat-sheet/
- http://docs.abuledu.org/abuledu/mainteneur/creer_une_cle_gpg
- http://www.revoltenumerique.herbesfolles.org/2011/07/13/comment-chiffrer-ses-e-mails/
- https://www.eff.org/files/gpg-keys-20151009.txt
- http://schestowitz.com/PGP/
- https://laurentbloch.net/BlogLB/GnuPG
- https://journaldunadminlinux.fr/chiffrer-et-dechiffrer-avec-gnupg/
- https://www.linuxtricks.fr/wiki/gpg-chiffrer-et-dechiffrer-des-fichiers-avec-un-mot-de-passe
- https://renemages.wordpress.com/2015/05/01/cryptographie/
- http://ffii.fr/ramix/gpg-public-key.html
- http://ffii.fr/ramix/gpg
- http://www.ffii.fr/ramix/gpg/mangpg2.txt
- https://tinyurl.com/RenePaulMagesPublicKey
- SomePublicKeys
- Cryptography Links
- BasicReferences