NOTE: CentOS Enterprise Linux is built from the Red Hat Enterprise Linux source code. Other than logo and name changes, CentOS Enterprise Linux is compatible with the equivalent Red Hat version. This document applies equally to both Red Hat and CentOS Enterprise Linux.

Appendix B. Getting Started with GNU Privacy Guard

Have you ever wondered if your email can be read during its transmission from you to other people, or from other people to you? Unfortunately, complete strangers could conceivably intercept or even tamper with your email.

In traditional (also known as "snail") mail, letters are usually sealed within envelopes, stamped and delivered from post office branch to branch until they reach their destination. But sending mail through the Internet is much less secure; email is usually transmitted as unencrypted text from server to server. No special steps are taken to protect your correspondence from being seen or tampered with by other people.

To help you protect your privacy, Red Hat Enterprise Linux 4 includes GnuPG, the GNU Privacy Guard, which is installed by default during a typical Red Hat Enterprise Linux installation. It is also referred to as GPG.

GnuPG is a tool for secure communication; it is a complete and free replacement for the encryption technology of PGP (Pretty Good Privacy, a widely popular encryption application). Using GnuPG, you can encrypt your data and correspondence as well as authenticate your correspondence by digitally signing your work. GnuPG is also capable of decrypting and verifying PGP 5.x.

Because GnuPG is compatible with other encryption standards, your secure correspondence is probably compatible with email applications on other operating systems, such as Windows and Macintosh.

GnuPG uses public key cryptography to provide users with a secure exchange of data. In a public key cryptography scheme, you generate two keys: a public key and a private key. You exchange your public key with correspondents or with a keyserver; you should never reveal your private key.

Encryption depends upon the use of keys. In conventional or symmetric cryptography, both ends of the transaction have the same key, which they use to decode each other's transmissions. In public key cryptography, two keys co-exist: a public key and a private key. A person or an organization keeps their private key a secret, and publishes their public key. Data encoded with the public key can only be decoded with the private key; data encoded with the private key can only be decoded with the public key.

Important

Remember that your public key can be given to anyone with whom you want to communicate securely, but you must never give away your private key.

For the most part, cryptography is beyond the scope of this publication; volumes have been written about the subject. In this chapter, however, we hope you gain enough understanding about GnuPG to begin using cryptography in your own correspondence. If you want to learn more about GnuPG, PGP and encryption technology, see Section B.8 Additional Resources.

B.1. Configuration File

The first time you run a GnuPG command, a .gnupg directory is created in your home directory. Starting with version 1.2, the configuration filename has changed from .gnupg/options to .gnupg/gpg.conf. If .gnupg/gpg.conf is not found in your home directory, .gnupg/options is used. If you only use version 1.2 or higher, it is recommended that you rename your configuration file with the following command:

mv ~/.gnupg/options ~/.gnupg/gpg.conf
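
A cautious version of the rename above, as an added example that is not part of the original guide: a plain mv can replace an existing gpg.conf without asking, so this script refuses to rename when both files exist and differ. The function names active_gpg_config and migrate_gpg_options are hypothetical helpers; the file names and lookup order are the ones described above.

```shell
#!/bin/sh
# Added example: migrate a pre-1.2 "options" file to "gpg.conf" without
# overwriting an existing gpg.conf. Function names are hypothetical.

# Print the config file GnuPG would read in the given home directory:
# gpg.conf if present, otherwise options, otherwise nothing.
active_gpg_config() {
    dir=$1
    if [ -f "$dir/gpg.conf" ]; then
        printf '%s\n' "$dir/gpg.conf"
    elif [ -f "$dir/options" ]; then
        printf '%s\n' "$dir/options"
    fi
}

# Rename options to gpg.conf. Return codes:
#   0 = renamed, or nothing to do (no options file present)
#   1 = both files exist and differ; nothing was changed
#   2 = directory does not exist
migrate_gpg_options() {
    dir=${1:-$HOME/.gnupg}
    [ -d "$dir" ] || return 2
    old=$dir/options
    new=$dir/gpg.conf
    [ -f "$old" ] || return 0          # nothing to migrate
    if [ -f "$new" ]; then
        if cmp -s "$old" "$new"; then
            rm -f "$old"               # identical copy, drop the stale name
            return 0
        fi
        # gpg.conf is found first, so settings that exist only in
        # options are being ignored; leave both for a manual merge.
        echo "both $old and $new exist and differ; merge by hand" >&2
        return 1
    fi
    mv "$old" "$new"
}
```

Called with no argument, migrate_gpg_options operates on ~/.gnupg; pass a directory to check a different GnuPG home.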

If you are upgrading from a version prior to 1.0.7, you can create signature caches in your keyring to decrease the keyring access time. To perform this operation, execute the following command once:

gpg --rebuild-keydb-caches

 
 
Published under the terms of the GNU General Public License