Projet

Général

Profil

Tuto pgp » Historique » Révision 6

Révision 5 (pizzacoca, 12/09/2018 21:15) → Révision 6/11 (pizzacoca, 12/09/2018 22:34)

# Tutos pgp 

 ## Liens externes 

 ### Manuel Gnupgp 
 https://www.gnupg.org/gph/fr/manual.html#AEN248 
 https://linux.die.net/man/1/gpg2 

 ### Création des clefs 
 https://keyring.debian.org/creating-key.html 
 http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/ 
 https://www.activpart.com/utiliser-openpgp-linux-debian-gnupg/ 
 https://help.github.com/articles/generating-a-new-gpg-key/ 
 http://gpglinux.free.fr/ 

 ### Gestion des clefs 
 https://gnupg.org/documentation/manuals/gnupg/OpenPGP-Key-Management.html#OpenPGP-Key-Management 
 https://wiki.faimaison.net/doku.php?id=gpg&s[]=gpg 

 ### Signature des clefs 
 https://www.debian.org/events/keysigning.fr.html 

 ### Les copains  
 http://www.giroll.org/ 

 ## En ligne de commande 

 Installation de l'outil 

 ~~~ 
 sudo apt-get install gnupg 
 ~~~ 


 Génération de la clef 

 ~~~ 
 gpg --full-generate-key 
 ~~~ 

 Il y aura un premier lot de choix à réaliser (type d'utilisation, degré de chiffrement, durée de validité)  
 > gpg: keyring `/home/user/.gnupg/secring.gpg' created 
 gpg: keyring `/home/user/.gnupg/pubring.gpg' created 
 Please select what kind of key you want: 
    (1) RSA and RSA (default) 
    (2) DSA and Elgamal 
    (3) DSA (sign only) 
    (4) RSA (sign only) 
 Your selection? **1** 
 RSA keys may be between 1024 and 4096 bits long. 
 What keysize do you want? (2048) **4096** 
 Requested keysize is 4096 bits 
 Please specify how long the key should be valid. 
          0 = key does not expire 
       <n>    = key expires in n days 
       <n>w = key expires in n weeks 
       <n>m = key expires in n months 
       <n>y = key expires in n years 
 Key is valid for? (0) **3y** 
 Key expires at Tue 11 May 2019 12:53:08 AM EDT 
 Is this correct? (y/N) **y** 

 Ensuite viendront d'autres questions concernant votre identité puis le **mot de passe** 

 > You need a user ID to identify your key; the software constructs the user ID 
 from the Real Name, Comment and Email Address in this form: 
     "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>" 
 Real name: **Test User** 
 Email address: **test@example.org** 
 Comment:  
 You selected this USER-ID: 
     "Test User <test@example.org>" 
 Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? **o** 
 You need a Passphrase to protect your secret key. 
 passphrase not correctly repeated; try again. 
 We need to generate a lot of random bytes. It is a good idea to perform 
 some other action (type on the keyboard, move the mouse, utilize the 
 disks) during the prime generation; this gives the random number 
 generator a better chance to gain enough entropy. 
 ..........+++++ 

 A ce moment-là c'est une bonne idée de lancer une vidéo, faire des trucs sur le pc 
 (note : il existe un utilitaire qui crée de l'entropie tout seul mais 'jme rapelle plus de son nom) 

 > .................................+++++ 
 We need to generate a lot of random bytes. It is a good idea to perform 
 some other action (type on the keyboard, move the mouse, utilize the 
 disks) during the prime generation; this gives the random number 
 generator a better chance to gain enough entropy. 
 ........+++++ 
 .......+++++ 
 gpg: /home/user/.gnupg/trustdb.gpg: trustdb created 
 gpg: key 23955501 marked as ultimately trusted 
 public and secret key created and signed. 

 A ce moment-là les clefs sont crées (probablement dans ~/.gnupg 

 ###Génération du certificat de révocation 


 ### Envoi de la clef 

 gpg --keyserver pool.sks-keyservers.net --send-key '519D 4592 3D31 56E6 B7A8    269E F9E2 35C3 2395 5501' 

 ### Edition d'une clef 

 gpg --edit-key 285AFE12FFC70E5B8A950BB0FF2DCF039EB27061