http://usalug.org

Sunday, January 7, 2007

GPG and why it's necessary!

GNU Privacy Guard is the GNU Project's complete and free implementation of the OpenPGP standard as defined by RFC2440. GnuPG allows to encrypt and sign your data and communication, features a versatile key managment system as well as access modules for all kind of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available.

GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public Lin .

Version 1.0.0 has been released on September 7th, 1999. The current stable version is 1.4.6 . (Taken from GNU PG .)


I decided to make this post on GPG to let users know that there are even more ways to protect your digital information. Laws are making it easier and easier for Big Brother to monitor your every move on a computer. Not to mention all the problems that are already out there with data theft. Password protection just doesn't seem to be enough anymore. By using GPG you can safely and securely have corrospondance with other people and be sure that they are the only ones who are reading it. GPG can be installed very easily with any of the Linux Distros out there. Simply search for it using your package manager. Then install it. You can find a list of frontend applications for GPG here. GPG can be used to encrypt files or directories on your computer so that no one else can access them without having your passphrase for you private key. You can also use it to encrypt files for others, by encrypting it with their public key.

If all you need it for is email, then install Thunderbird. There is an extension for Mozilla Thunderbird called Enigmail. Enigmail will allow you to generate a key pair. That key pair will contain a public key (which you share with people) and a private key. The private key is to decrypt emails that have been encrypted with your public key. So I share my public key with John Q. Smith, and he shares his public key with me. When I go to send an encrypted email to John, I would use his public key. Then when he gets the email he would decrypt that email using his private key...this will "unlock" the email. His reply would be encrypted using my public key that I gave him. When I receive his reply, I would decrypt it using my private key. Enigmail makes this a very simple task. Enigmail can be found here.

Here is my public key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

mQGiBENo9XwRBAD13MKiydCUjdzf7tLUsYP3r/nvn2lv6RfT6Wb8dz5yBTfYcbk6
orRQpUKABREwsFBnfN0d1U+nefwqqw81sbI34eAWQ6fLkqKQv4nqIMNZi0ZVt2rO
F63bGoFutH6P3bTdGFlunr43Yg8A2eKCMqR+H4N8qtnXe/PVWnyA4rZfdwCgtBuZ
cRerFby4BM/I3V84plMppI0EAN81QBcikXkjFFG1SSaDeAEU0Jac22erpDlspqVF
+L4yQhINt4FqEAUnuVjjp0UQ9uziCXNNLohChQ6fsXo3wwdTEVWgzWKcMnnZgPvB
Cy8Ctc/53LGH5T49Oq0XOsr+VUG0PSzT/yAAaHaTNDjwrdrjGYRYbRFd9RIx6ai3
s2ZcBAC2soAnErlq2kweDXJNoLLshcdKqqZpNdOQrmlxLLbhiRQWwxaGAUv+55NM
hgQfk0bjz23ty17IwWchivjngpPSx110WTsP88FXjTXzmkJx0aVEuNogNjKUkF16
pA7BY/benVdPKlpd80lkmVGU/8iIuumN0QZJspYLlK2u8XkSjLQbVHJleSBGb3gg
PGdlZm94NEBnbWFpbC5jb20+iF0EExECAB0FAkNo9XwGCwkIBwMCBBUCCAMEFgID
AQIeAQIXgAAKCRCRyqyJcxtzRyOHAJ9UDDTrVcvb0Qo+rR70vN97cFgChwCeOmsx
nRxFM+dJulF9d3/cqQfC7z65AQ0EQ2j1fhAEAMHjLWotWURQ3H2AhQPrv4H8gjvd
pZCR3ptqGAtAALFDyaiUglbW3aef8hHVmbfjLUwNl5RHtBsPYsQ3ZRtLy3jOzbZI
IPlDvbcMsITuV1zVdXzpkGIx3ZkJNSJM+6bERr3kNlsdorqSPeHsLR3g8TgaE1Rd
Et0mUOhAOkj1vmOjAAMFA/9jGxpC9oNDLzc6dKGias9YlFuu8X33DQIMTisUJAKO
DResoX8nZRQ0nPZYge4zLa4mZa1qwanACg+RnJNSODCVPbAHbL+FODJX3POGmBtg
vw7Xv10GqnkTWkQ6JaJcL3pXdfPncmYG7+IjRZkuBXppi2S53/STSdjfwiBYRcTQ
JIhGBBgRAgAGBQJDaPV+AAoJEJHKrIlzG3NHP3oAn0IzHC/25R4yvOUyzWwQo39Z
VYzuAJwL04reg+tEVt5q612pJ4ExvISSSQ==
=zEBU
-----END PGP PUBLIC KEY BLOCK-----

Feel free to email me to test out your keys!



Till next time:

Coastie

No comments: