Tuto pgp » Historique » Version 7
pizzacoca, 22/09/2018 21:45
1 | 1 | pizzacoca | # Tutos pgp |
---|---|---|---|
2 | |||
3 | 5 | pizzacoca | ## Liens externes |
4 | |||
5 | 7 | pizzacoca | pad de travail : https://pad.aquilenet.fr/p/atelier_22092018 |
6 | |||
7 | 5 | pizzacoca | ### Manuel Gnupgp |
8 | 1 | pizzacoca | https://www.gnupg.org/gph/fr/manual.html#AEN248 |
9 | https://linux.die.net/man/1/gpg2 |
||
10 | |||
11 | 5 | pizzacoca | ### Création des clefs |
12 | 1 | pizzacoca | https://keyring.debian.org/creating-key.html |
13 | http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/ |
||
14 | https://www.activpart.com/utiliser-openpgp-linux-debian-gnupg/ |
||
15 | https://help.github.com/articles/generating-a-new-gpg-key/ |
||
16 | http://gpglinux.free.fr/ |
||
17 | |||
18 | 5 | pizzacoca | ### Gestion des clefs |
19 | 1 | pizzacoca | https://gnupg.org/documentation/manuals/gnupg/OpenPGP-Key-Management.html#OpenPGP-Key-Management |
20 | https://wiki.faimaison.net/doku.php?id=gpg&s[]=gpg |
||
21 | |||
22 | 5 | pizzacoca | ### Signature des clefs |
23 | 1 | pizzacoca | https://www.debian.org/events/keysigning.fr.html |
24 | 2 | pizzacoca | |
25 | 5 | pizzacoca | ### Les copains |
26 | 1 | pizzacoca | http://www.giroll.org/ |
27 | 3 | pizzacoca | |
28 | ## En ligne de commande |
||
29 | 4 | pizzacoca | |
30 | Installation de l'outil |
||
31 | |||
32 | ~~~ |
||
33 | sudo apt-get install gnupg |
||
34 | ~~~ |
||
35 | |||
36 | |||
37 | Génération de la clef |
||
38 | |||
39 | ~~~ |
||
40 | gpg --full-generate-key |
||
41 | ~~~ |
||
42 | |||
43 | Il y aura un premier lot de choix à réaliser (type d'utilisation, degré de chiffrement, durée de validité) |
||
44 | > gpg: keyring `/home/user/.gnupg/secring.gpg' created |
||
45 | gpg: keyring `/home/user/.gnupg/pubring.gpg' created |
||
46 | Please select what kind of key you want: |
||
47 | (1) RSA and RSA (default) |
||
48 | (2) DSA and Elgamal |
||
49 | (3) DSA (sign only) |
||
50 | (4) RSA (sign only) |
||
51 | Your selection? **1** |
||
52 | RSA keys may be between 1024 and 4096 bits long. |
||
53 | What keysize do you want? (2048) **4096** |
||
54 | Requested keysize is 4096 bits |
||
55 | Please specify how long the key should be valid. |
||
56 | 0 = key does not expire |
||
57 | <n> = key expires in n days |
||
58 | <n>w = key expires in n weeks |
||
59 | <n>m = key expires in n months |
||
60 | <n>y = key expires in n years |
||
61 | Key is valid for? (0) **3y** |
||
62 | Key expires at Tue 11 May 2019 12:53:08 AM EDT |
||
63 | Is this correct? (y/N) **y** |
||
64 | |||
65 | Ensuite viendront d'autres questions concernant votre identité puis le **mot de passe** |
||
66 | |||
67 | > You need a user ID to identify your key; the software constructs the user ID |
||
68 | from the Real Name, Comment and Email Address in this form: |
||
69 | "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>" |
||
70 | Real name: **Test User** |
||
71 | Email address: **test@example.org** |
||
72 | Comment: |
||
73 | You selected this USER-ID: |
||
74 | "Test User <test@example.org>" |
||
75 | Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? **o** |
||
76 | You need a Passphrase to protect your secret key. |
||
77 | passphrase not correctly repeated; try again. |
||
78 | We need to generate a lot of random bytes. It is a good idea to perform |
||
79 | some other action (type on the keyboard, move the mouse, utilize the |
||
80 | disks) during the prime generation; this gives the random number |
||
81 | generator a better chance to gain enough entropy. |
||
82 | ..........+++++ |
||
83 | |||
84 | A ce moment-là c'est une bonne idée de lancer une vidéo, faire des trucs sur le pc |
||
85 | (note : il existe un utilitaire qui crée de l'entropie tout seul mais 'jme rapelle plus de son nom) |
||
86 | |||
87 | > .................................+++++ |
||
88 | We need to generate a lot of random bytes. It is a good idea to perform |
||
89 | some other action (type on the keyboard, move the mouse, utilize the |
||
90 | disks) during the prime generation; this gives the random number |
||
91 | generator a better chance to gain enough entropy. |
||
92 | ........+++++ |
||
93 | .......+++++ |
||
94 | gpg: /home/user/.gnupg/trustdb.gpg: trustdb created |
||
95 | gpg: key 23955501 marked as ultimately trusted |
||
96 | public and secret key created and signed. |
||
97 | |||
98 | A ce moment-là les clefs sont crées (probablement dans ~/.gnupg |
||
99 | 6 | pizzacoca | |
100 | ###Génération du certificat de révocation |
||
101 | |||
102 | |||
103 | ### Envoi de la clef |
||
104 | |||
105 | gpg --keyserver pool.sks-keyservers.net --send-key '519D 4592 3D31 56E6 B7A8 269E F9E2 35C3 2395 5501' |
||
106 | |||
107 | ### Edition d'une clef |
||
108 | |||
109 | gpg --edit-key 285AFE12FFC70E5B8A950BB0FF2DCF039EB27061 |