Aquilenet

# Tutos pgp

## Liens externes

pad de travail : https://pad.aquilenet.fr/p/atelier_22092018

### Manuel Gnupgp

https://www.gnupg.org/gph/fr/manual.html#AEN248

https://linux.die.net/man/1/gpg2

### Création des clefs

https://keyring.debian.org/creating-key.html

http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/

https://www.activpart.com/utiliser-openpgp-linux-debian-gnupg/

https://help.github.com/articles/generating-a-new-gpg-key/

http://gpglinux.free.fr/

### Gestion des clefs

https://gnupg.org/documentation/manuals/gnupg/OpenPGP-Key-Management.html#OpenPGP-Key-Management

https://wiki.faimaison.net/doku.php?id=gpg&s[]=gpg

### Signature des clefs

https://www.debian.org/events/keysigning.fr.html

### Les copains 

http://www.giroll.org/

## En ligne de commande

Installation de l'outil

~~~

sudo apt-get install gnupg

~~~

Génération de la clef

~~~

gpg --full-generate-key

~~~

Il y aura un premier lot de choix à réaliser (type d'utilisation, degré de chiffrement, durée de validité) 

> gpg: keyring `/home/user/.gnupg/secring.gpg' created

gpg: keyring `/home/user/.gnupg/pubring.gpg' created

Please select what kind of key you want:

   (1) RSA and RSA (default)

   (2) DSA and Elgamal

   (3) DSA (sign only)

   (4) RSA (sign only)

Your selection? **1**

RSA keys may be between 1024 and 4096 bits long.

What keysize do you want? (2048) **4096**

Requested keysize is 4096 bits

Please specify how long the key should be valid.

         0 = key does not expire

      <n>  = key expires in n days

      <n>w = key expires in n weeks

      <n>m = key expires in n months

      <n>y = key expires in n years

Key is valid for? (0) **3y**

Key expires at Tue 11 May 2019 12:53:08 AM EDT

Is this correct? (y/N) **y**

Ensuite viendront d'autres questions concernant votre identité puis le **mot de passe**

> You need a user ID to identify your key; the software constructs the user ID

from the Real Name, Comment and Email Address in this form:

    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: **Test User**

Email address: **test@example.org**

Comment: 

You selected this USER-ID:

    "Test User <test@example.org>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? **o**

You need a Passphrase to protect your secret key.

passphrase not correctly repeated; try again.

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

..........+++++

A ce moment-là c'est une bonne idée de lancer une vidéo, faire des trucs sur le pc

(note : il existe un utilitaire qui crée de l'entropie tout seul mais 'jme rapelle plus de son nom)

> .................................+++++

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

........+++++

.......+++++

gpg: /home/user/.gnupg/trustdb.gpg: trustdb created

gpg: key 23955501 marked as ultimately trusted

public and secret key created and signed.

A ce moment-là les clefs sont crées (probablement dans ~/.gnupg

###Génération du certificat de révocation

### Envoi de la clef

gpg --keyserver pool.sks-keyservers.net --send-key '519D 4592 3D31 56E6 B7A8  269E F9E2 35C3 2395 5501'

### Edition d'une clef

gpg --edit-key 285AFE12FFC70E5B8A950BB0FF2DCF039EB27061