Track3Agenda: 2-1-1.pgp-lab.html

File 2-1-1.pgp-lab.html, 40.5 KB (added by trac, 5 years ago)
Line 
1<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2<html xmlns="http://www.w3.org/1999/xhtml">
3<head>
4  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
5  <meta http-equiv="Content-Style-Type" content="text/css" />
6  <meta name="generator" content="pandoc" />
7  <meta name="author" content="pokui@nsrc.org" />
8  <title>Installing and Using PGP</title>
9  <style type="text/css">code{white-space: pre;}</style>
10  <link href="data:text/css,%2F%2A%0A%20%20%20%20Buttondown%0A%20%20%20%20A%20Markdown%2FMultiMarkdown%2FPandoc%20HTML%20output%20CSS%20stylesheet%0A%20%20%20%20Author%3A%20Ryan%20Gray%0A%20%20%20%20Date%3A%2015%20Feb%202011%0A%20%20%20%20Revised%3A%2021%20Feb%202012%0A%20%20%20%0A%20%20%20%20General%20style%20is%20clean%2C%20with%20minimal%20re%2Ddefinition%20of%20the%20defaults%20or%20%0A%20%20%20%20overrides%20of%20user%20font%20settings%2E%20The%20body%20text%20and%20header%20styles%20are%20%0A%20%20%20%20left%20alone%20except%20title%2C%20author%20and%20date%20classes%20are%20centered%2E%20A%20Pandoc%20TOC%20%0A%20%20%20%20is%20not%20printed%2C%20URLs%20are%20printed%20after%20hyperlinks%20in%20parentheses%2E%20%0A%20%20%20%20Block%20quotes%20are%20italicized%2E%20Tables%20are%20lightly%20styled%20with%20lines%20above%20%0A%20%20%20%20and%20below%20the%20table%20and%20below%20the%20header%20with%20a%20boldface%20header%2E%20Code%20%0A%20%20%20%20blocks%20are%20line%20wrapped%2E%20%0A%20%0A%20%20%20%20All%20elements%20that%20Pandoc%20and%20MultiMarkdown%20use%20should%20be%20listed%20here%2C%20even%20%0A%20%20%20%20if%20the%20style%20is%20empty%20so%20you%20can%20easily%20add%20styling%20to%20anything%2E%0A%20%20%20%20%0A%20%20%20%20There%20are%20some%20elements%20in%20here%20for%20HTML5%20output%20of%20Pandoc%2C%20but%20I%20have%20not%20%0A%20%20%20%20gotten%20around%20to%20testing%20that%20yet%2E%0A%2A%2F%0A%20%0A%2F%2A%20NOTES%3A%0A%20%0A%20%20%20%20Stuff%20tried%20and%20failed%3A%0A%20%20%20%20%0A%20%20%20%20It%20seems%20that%20specifying%20font%2Dfamily%3Aserif%20in%20Safari%20will%20always%20use%20%0A%20%20%20%20Times%20New%20Roman%20rather%20than%20the%20user%27s%20preferences%20setting%2E%0A%20%20%20%20%0A%20%20%20%20Making%20the%20font%20size%20different%20or%20a%20fixed%20value%20for%20print%20in%20case%20the%20screen%20%0A%20%20%20%20font%20size%20is%20making%20the%20print%20font%20too%20big%3A%20Making%20font%2Dsize%20different%20for%20%0A%20%20%20%20print%20than%20for%20screen%20causes%20horizontal%20lines%20to%20disappear%20in%20math%20when%20using%20%0A%20%20%20%20MathJax%20under%20Safari%2E%0A%2A%2F%0A%20%0A%2F%2A%20%2D%2D%2D%2D%20Front%20Matter%20%2D%2D%2D%2D%20%2A%2F%0A%20%0A%2F%2A%20Pandoc%20header%20DIV%2E%20Contains%20%2Etitle%2C%20%2Eauthor%20and%20%2Edate%2E%20Comes%20before%20div%23TOC%2E%20%0A%20%20%20Only%20appears%20if%20one%20of%20those%20three%20are%20in%20the%20document%2E%0A%2A%2F%0A%20%0Adiv%23header%2C%20header%0A%20%20%20%20%7B%0A%20%20%20%20%2F%2A%20Put%20border%20on%20bottom%2E%20Separates%20it%20from%20TOC%20or%20body%20that%20comes%20after%20it%2E%20%2A%2F%0A%20%20%20%20border%2Dbottom%3A%201px%20solid%20%23aaa%3B%0A%20%20%20%20margin%2Dbottom%3A%200%2E5em%3B%0A%20%20%20%20%7D%0A%20%0A%2Etitle%20%2F%2A%20Pandoc%20title%20header%20%28h1%2Etitle%29%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20text%2Dalign%3A%20center%3B%0A%20%20%20%20%7D%0A%20%0A%2Eauthor%2C%20%2Edate%20%2F%2A%20Pandoc%20author%28s%29%20and%20date%20headers%20%28h2%2Eauthor%20and%20h3%2Edate%29%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20text%2Dalign%3A%20center%3B%0A%20%20%20%20%7D%0A%20%0A%2F%2A%20Pandoc%20table%20of%20contents%20DIV%20when%20using%20the%20%2D%2Dtoc%20option%2E%0A%20%20%20NOTE%3A%20this%20doesn%27t%20support%20Pandoc%27s%20%2D%2Did%2Dprefix%20option%20for%20%23TOC%20and%20%23header%2E%20%0A%20%20%20Probably%20would%20need%20to%20use%20div%5Bid%24%3D%27TOC%27%5D%20and%20div%5Bid%24%3D%27header%27%5D%20as%20selectors%2E%0A%2A%2F%0A%20%0Adiv%23TOC%2C%20nav%23TOC%0A%20%20%20%20%7B%0A%20%20%20%20%2F%2A%20Put%20border%20on%20bottom%20to%20separate%20it%20from%20body%2E%20%2A%2F%0A%20%20%20%20border%2Dbottom%3A%201px%20solid%20%23aaa%3B%0A%20%20%20%20margin%2Dbottom%3A%200%2E5em%3B%0A%20%20%20%20%7D%0A%20%0A%40media%20print%0A%20%20%20%20%7B%0A%20%20%20%20div%23TOC%2C%20nav%23TOC%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%2F%2A%20Don%27t%20display%20TOC%20in%20print%20%2A%2F%0A%20%20%20%20%20%20%20%20display%3A%20none%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%0A%2F%2A%20%2D%2D%2D%2D%20Headers%20and%20sections%20%2D%2D%2D%2D%20%2A%2F%0A%20%0Ah1%2C%20h2%2C%20h3%2C%20h4%2C%20h5%2C%20h6%0A%7B%0A%20%20%20%20font%2Dfamily%3A%20%22Helvetica%20Neue%22%2C%20Helvetica%2C%20%22Liberation%20Sans%22%2C%20Calibri%2C%20Arial%2C%20sans%2Dserif%3B%20%2F%2A%20Sans%2Dserif%20headers%20%2A%2F%0A%20%0A%20%20%20%20%2F%2A%20font%2Dfamily%3A%20%22Liberation%20Serif%22%2C%20%22Georgia%22%2C%20%22Times%20New%20Roman%22%2C%20serif%3B%20%2F%2A%20Serif%20headers%20%2A%2F%0A%20%0A%20%20%20%20page%2Dbreak%2Dafter%3A%20avoid%3B%20%2F%2A%20Firefox%2C%20Chrome%2C%20and%20Safari%20do%20not%20support%20the%20property%20value%20%22avoid%22%20%2A%2F%0A%7D%0A%20%0A%2F%2A%20Pandoc%20with%20%2D%2Dsection%2Ddivs%20option%20%2A%2F%0A%20%0Adiv%20div%2C%20section%20section%20%2F%2A%20Nested%20sections%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20margin%2Dleft%3A%202em%3B%20%2F%2A%20This%20will%20increasingly%20indent%20nested%20header%20sections%20%2A%2F%0A%20%20%20%20%7D%0A%20%0Ap%20%7B%7D%0A%20%0Ablockquote%0A%20%20%20%20%7B%20%0A%20%20%20%20font%2Dstyle%3A%20italic%3B%0A%20%20%20%20%7D%0A%20%0Ali%20%2F%2A%20All%20list%20items%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0Ali%20%3E%20p%20%2F%2A%20Loosely%20spaced%20list%20item%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20margin%2Dtop%3A%201em%3B%20%2F%2A%20IE%3A%20lack%20of%20space%20above%20a%20%3Cli%3E%20when%20the%20item%20is%20inside%20a%20%3Cp%3E%20%2A%2F%0A%20%20%20%20%7D%0A%20%0Aul%20%2F%2A%20Whole%20unordered%20list%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0Aul%20li%20%2F%2A%20Unordered%20list%20item%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0Aol%20%2F%2A%20Whole%20ordered%20list%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0Aol%20li%20%2F%2A%20Ordered%20list%20item%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0Ahr%20%7B%7D%0A%20%0A%2F%2A%20%2D%2D%2D%2D%20Some%20span%20elements%20%2D%2D%2D%20%2A%2F%0A%20%0Asub%20%2F%2A%20Subscripts%2E%20Pandoc%3A%20H%7E2%7EO%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0Asup%20%2F%2A%20Superscripts%2E%20Pandoc%3A%20The%202%5End%5E%20try%2E%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%20%20%20%0Aem%20%2F%2A%20Emphasis%2E%20Markdown%3A%20%2Aemphasis%2A%20or%20%5Femphasis%5F%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%20%20%20%0Aem%20%3E%20em%20%2F%2A%20Emphasis%20within%20emphasis%3A%20%2AThis%20is%20all%20%2Aemphasized%2A%20except%20that%2A%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20font%2Dstyle%3A%20normal%3B%0A%20%20%20%20%7D%0A%20%0Astrong%20%2F%2A%20Markdown%20%2A%2Astrong%2A%2A%20or%20%5F%5Fstrong%5F%5F%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0A%2F%2A%20%2D%2D%2D%2D%20Links%20%28anchors%29%20%2D%2D%2D%2D%20%2A%2F%0A%20%0Aa%20%2F%2A%20All%20links%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%2F%2A%20Keep%20links%20clean%2E%20On%20screen%2C%20they%20are%20colored%3B%20in%20print%2C%20they%20do%20nothing%20anyway%2E%20%2A%2F%0A%20%20%20%20text%2Ddecoration%3A%20none%3B%0A%20%20%20%20%7D%0A%20%0A%40media%20screen%0A%20%20%20%20%7B%0A%20%20%20%20a%3Ahover%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%2F%2A%20On%20hover%2C%20we%20indicate%20a%20bit%20more%20that%20it%20is%20a%20link%2E%20%2A%2F%0A%20%20%20%20%20%20%20%20text%2Ddecoration%3A%20underline%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%0A%40media%20print%0A%20%20%20%20%7B%0A%20%20%20%20a%20%20%20%7B%0A%20%20%20%20%20%20%20%20%2F%2A%20In%20print%2C%20a%20colored%20link%20is%20useless%2C%20so%20un%2Dstyle%20it%2E%20%2A%2F%0A%20%20%20%20%20%20%20%20color%3A%20black%3B%0A%20%20%20%20%20%20%20%20background%3A%20transparent%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%0A%20%20%20%20a%5Bhref%5E%3D%22http%3A%2F%2F%22%5D%3Aafter%2C%20a%5Bhref%5E%3D%22https%3A%2F%2F%22%5D%3Aafter%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%2F%2A%20However%2C%20links%20that%20go%20somewhere%20else%2C%20might%20be%20useful%20to%20the%20reader%2C%0A%20%20%20%20%20%20%20%20%20%20%20so%20for%20http%20and%20https%20links%2C%20print%20the%20URL%20after%20what%20was%20the%20link%20%0A%20%20%20%20%20%20%20%20%20%20%20text%20in%20parens%0A%20%20%20%20%20%20%20%20%2A%2F%0A%20%20%20%20%20%20%20%20content%3A%20%22%20%28%22%20attr%28href%29%20%22%29%20%22%3B%0A%20%20%20%20%20%20%20%20font%2Dsize%3A%2090%25%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%0A%2F%2A%20%2D%2D%2D%2D%20Images%20%2D%2D%2D%2D%20%2A%2F%0A%20%0Aimg%0A%20%20%20%20%7B%0A%20%20%20%20%2F%2A%20Let%20it%20be%20inline%20left%2Fright%20where%20it%20wants%20to%20be%2C%20but%20verticality%20make%20%0A%20%20%20%20%20%20%20it%20in%20the%20middle%20to%20look%20nicer%2C%20but%20opinions%20differ%2C%20and%20if%20in%20a%20multi%2Dline%20%0A%20%20%20%20%20%20%20paragraph%2C%20it%20might%20not%20be%20so%20great%2E%20%0A%20%20%20%20%2A%2F%0A%20%20%20%20vertical%2Dalign%3A%20middle%3B%0A%20%20%20%20%7D%0A%20%0Adiv%2Efigure%20%2F%2A%20Pandoc%20figure%2Dstyle%20image%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%2F%2A%20Center%20the%20image%20and%20caption%20%2A%2F%0A%20%20%20%20margin%2Dleft%3A%20auto%3B%0A%20%20%20%20margin%2Dright%3A%20auto%3B%0A%20%20%20%20text%2Dalign%3A%20center%3B%0A%20%20%20%20font%2Dstyle%3A%20italic%3B%0A%20%20%20%20%7D%0A%20%0Ap%2Ecaption%20%2F%2A%20Pandoc%20figure%2Dstyle%20caption%20within%20div%2Efigure%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%2F%2A%20Inherits%20div%2Efigure%20props%20by%20default%20%2A%2F%0A%20%20%20%20%7D%0A%20%0A%2F%2A%20%2D%2D%2D%2D%20Code%20blocks%20and%20spans%20%2D%2D%2D%2D%20%2A%2F%0A%20%0Apre%2C%20code%20%0A%20%20%20%20%7B%0A%20%20%20%20background%2Dcolor%3A%20%23fdf7ee%3B%0A%20%20%20%20%2F%2A%20BEGIN%20word%20wrap%20%2A%2F%0A%20%20%20%20%2F%2A%20Need%20all%20the%20following%20to%20word%20wrap%20instead%20of%20scroll%20box%20%2A%2F%0A%20%20%20%20%2F%2A%20This%20will%20override%20the%20overflow%3Aauto%20if%20present%20%2A%2F%0A%20%20%20%20white%2Dspace%3A%20pre%2Dwrap%3B%20%2F%2A%20css%2D3%20%2A%2F%0A%20%20%20%20white%2Dspace%3A%20%2Dmoz%2Dpre%2Dwrap%20%21important%3B%20%2F%2A%20Mozilla%2C%20since%201999%20%2A%2F%0A%20%20%20%20white%2Dspace%3A%20%2Dpre%2Dwrap%3B%20%2F%2A%20Opera%204%2D6%20%2A%2F%0A%20%20%20%20white%2Dspace%3A%20%2Do%2Dpre%2Dwrap%3B%20%2F%2A%20Opera%207%20%2A%2F%0A%20%20%20%20word%2Dwrap%3A%20break%2Dword%3B%20%2F%2A%20Internet%20Explorer%205%2E5%2B%20%2A%2F%0A%20%20%20%20%2F%2A%20END%20word%20wrap%20%2A%2F%0A%20%20%20%20%7D%0A%20%0Apre%20%2F%2A%20Code%20blocks%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%2F%2A%20Distinguish%20pre%20blocks%20from%20other%20text%20by%20more%20than%20the%20font%20with%20a%20background%20tint%2E%20%2A%2F%0A%20%20%20%20padding%3A%200%2E5em%3B%20%2F%2A%20Since%20we%20have%20a%20background%20color%20%2A%2F%0A%20%20%20%20border%2Dradius%3A%205px%3B%20%2F%2A%20Softens%20it%20%2A%2F%0A%20%20%20%20%2F%2A%20Give%20it%20a%20some%20definition%20%2A%2F%0A%20%20%20%20border%3A%201px%20solid%20%23aaa%3B%0A%20%20%20%20%2F%2A%20Set%20it%20off%20left%20and%20right%2C%20seems%20to%20look%20a%20bit%20nicer%20when%20we%20have%20a%20background%20%2A%2F%0A%20%20%20%20margin%2Dleft%3A%20%200%2E5em%3B%0A%20%20%20%20margin%2Dright%3A%200%2E5em%3B%0A%20%20%20%20%7D%0A%20%0A%40media%20screen%0A%20%20%20%20%7B%0A%20%20%20%20pre%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%2F%2A%20On%20screen%2C%20use%20an%20auto%20scroll%20box%20for%20long%20lines%2C%20unless%20word%2Dwrap%20is%20enabled%20%2A%2F%0A%20%20%20%20%20%20%20%20white%2Dspace%3A%20pre%3B%0A%20%20%20%20%20%20%20%20overflow%3A%20auto%3B%0A%20%20%20%20%20%20%20%20%2F%2A%20Dotted%20looks%20better%20on%20screen%20and%20solid%20seems%20to%20print%20better%2E%20%2A%2F%0A%20%20%20%20%20%20%20%20border%3A%201px%20dotted%20%23777%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%0Acode%20%2F%2A%20All%20inline%20code%20spans%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0Ap%20%3E%20code%2C%20li%20%3E%20code%20%2F%2A%20Code%20spans%20in%20paragraphs%20and%20tight%20lists%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%2F%2A%20Pad%20a%20little%20from%20adjacent%20text%20%2A%2F%0A%20%20%20%20padding%2Dleft%3A%20%202px%3B%0A%20%20%20%20padding%2Dright%3A%202px%3B%0A%20%20%20%20%7D%0A%20%20%20%20%0Ali%20%3E%20p%20code%20%2F%2A%20Code%20span%20in%20a%20loose%20list%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%2F%2A%20We%20have%20room%20for%20some%20more%20background%20color%20above%20and%20below%20%2A%2F%0A%20%20%20%20padding%3A%202px%3B%0A%20%20%20%20%7D%0A%20%0A%2F%2A%20%2D%2D%2D%2D%20Math%20%2D%2D%2D%2D%20%2A%2F%0A%20%0Aspan%2Emath%20%2F%2A%20Pandoc%20inline%20math%20default%20and%20%2D%2Djsmath%20inline%20math%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%2F%2A%20Tried%20font%2Dstyle%3Aitalic%20here%2C%20and%20it%20messed%20up%20MathJax%20rendering%20in%20some%20browsers%2E%20Maybe%20don%27t%20mess%20with%20at%20all%2E%20%2A%2F%0A%20%20%20%20%7D%0A%20%20%20%20%0Adiv%2Emath%20%2F%2A%20Pandoc%20%2D%2Djsmath%20display%20math%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%20%20%20%0Aspan%2ELaTeX%20%2F%2A%20Pandoc%20%2D%2Dlatexmathml%20math%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%20%0A%20%0Aeq%20%2F%2A%20Pandoc%20%2D%2Dgladtex%20math%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%20%0A%20%0A%2F%2A%20%2D%2D%2D%2D%20Tables%20%2D%2D%2D%2D%20%2A%2F%0A%20%0A%2F%2A%20%20A%20clean%20textbook%2Dlike%20style%20with%20horizontal%20lines%20above%20and%20below%20and%20under%20%0A%20%20%20%20the%20header%2E%20Rows%20highlight%20on%20hover%20to%20help%20scanning%20the%20table%20on%20screen%2E%0A%2A%2F%0A%20%0Atable%0A%20%20%20%20%7B%0A%20%20%20%20border%2Dcollapse%3A%20collapse%3B%0A%20%20%20%20border%2Dspacing%3A%200%3B%20%2F%2A%20IE%206%20%2A%2F%0A%20%0A%20%20%20%20border%2Dbottom%3A%202pt%20solid%20%23000%3B%0A%20%20%20%20border%2Dtop%3A%202pt%20solid%20%23000%3B%20%2F%2A%20The%20caption%20on%20top%20will%20not%20have%20a%20bottom%2Dborder%20%2A%2F%0A%20%0A%20%20%20%20%2F%2A%20Center%20%2A%2F%0A%20%20%20%20margin%2Dleft%3A%20auto%3B%0A%20%20%20%20margin%2Dright%3A%20auto%3B%0A%20%20%20%20%7D%0A%20%20%20%20%0Athead%20%2F%2A%20Entire%20table%20header%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20border%2Dbottom%3A%201pt%20solid%20%23000%3B%0A%20%20%20%20background%2Dcolor%3A%20%23eee%3B%20%2F%2A%20Does%20this%20BG%20print%20well%3F%20%2A%2F%0A%20%20%20%20%7D%0A%20%0Atr%2Eheader%20%2F%2A%20Each%20header%20row%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%20%0A%20%0Atbody%20%2F%2A%20Entire%20table%20%20body%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0A%2F%2A%20Table%20body%20rows%20%2A%2F%0A%20%0Atr%20%20%7B%0A%20%20%20%20%7D%0Atr%2Eodd%3Ahover%2C%20tr%2Eeven%3Ahover%20%2F%2A%20Use%20%2Eodd%20and%20%2Eeven%20classes%20to%20avoid%20styling%20rows%20in%20other%20tables%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20background%2Dcolor%3A%20%23eee%3B%0A%20%20%20%20%7D%0A%20%20%20%20%0A%2F%2A%20Odd%20and%20even%20rows%20%2A%2F%0Atr%2Eodd%20%7B%7D%0Atr%2Eeven%20%7B%7D%0A%20%0Atd%2C%20th%20%2F%2A%20Table%20cells%20and%20table%20header%20cells%20%2A%2F%0A%20%20%20%20%7B%20%0A%20%20%20%20vertical%2Dalign%3A%20top%3B%20%2F%2A%20Word%20%2A%2F%0A%20%20%20%20vertical%2Dalign%3A%20baseline%3B%20%2F%2A%20Others%20%2A%2F%0A%20%20%20%20padding%2Dleft%3A%20%20%200%2E5em%3B%0A%20%20%20%20padding%2Dright%3A%20%200%2E5em%3B%0A%20%20%20%20padding%2Dtop%3A%20%20%20%200%2E2em%3B%0A%20%20%20%20padding%2Dbottom%3A%200%2E2em%3B%0A%20%20%20%20%7D%0A%20%20%20%20%0A%2F%2A%20Removes%20padding%20on%20left%20and%20right%20of%20table%20for%20a%20tight%20look%2E%20Good%20if%20thead%20has%20no%20background%20color%2A%2F%0A%2F%2A%0Atr%20td%3Alast%2Dchild%2C%20tr%20th%3Alast%2Dchild%0A%20%20%20%20%7B%0A%20%20%20%20padding%2Dright%3A%200%3B%0A%20%20%20%20%7D%0Atr%20td%3Afirst%2Dchild%2C%20tr%20th%3Afirst%2Dchild%20%0A%20%20%20%20%7B%0A%20%20%20%20padding%2Dleft%3A%200%3B%0A%20%20%20%20%7D%0A%2A%2F%0A%20%0Ath%20%2F%2A%20Table%20header%20cells%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20font%2Dweight%3A%20bold%3B%20%0A%20%20%20%20%7D%0A%20%0Atfoot%20%2F%2A%20Table%20footer%20%28what%20appears%20here%20if%20caption%20is%20on%20top%3F%29%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0Acaption%20%2F%2A%20This%20is%20for%20a%20table%20caption%20tag%2C%20not%20the%20p%2Ecaption%20Pandoc%20uses%20in%20a%20div%2Efigure%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20caption%2Dside%3A%20top%3B%0A%20%20%20%20border%3A%20none%3B%0A%20%20%20%20font%2Dsize%3A%200%2E9em%3B%0A%20%20%20%20font%2Dstyle%3A%20italic%3B%0A%20%20%20%20text%2Dalign%3A%20center%3B%0A%20%20%20%20margin%2Dbottom%3A%200%2E3em%3B%20%2F%2A%20Good%20for%20when%20on%20top%20%2A%2F%0A%20%20%20%20padding%2Dbottom%3A%200%2E2em%3B%0A%20%20%20%20%7D%0A%20%0A%2F%2A%20%2D%2D%2D%2D%20Definition%20lists%20%2D%2D%2D%2D%20%2A%2F%0A%20%0Adl%20%2F%2A%20The%20whole%20list%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20border%2Dtop%3A%202pt%20solid%20black%3B%0A%20%20%20%20padding%2Dtop%3A%200%2E5em%3B%0A%20%20%20%20border%2Dbottom%3A%202pt%20solid%20black%3B%0A%20%20%20%20%7D%0A%20%0Adt%20%2F%2A%20Definition%20term%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20font%2Dweight%3A%20bold%3B%0A%20%20%20%20%7D%0A%20%0Add%2Bdt%20%2F%2A%202nd%20or%20greater%20term%20in%20the%20list%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20border%2Dtop%3A%201pt%20solid%20black%3B%0A%20%20%20%20padding%2Dtop%3A%200%2E5em%3B%0A%20%20%20%20%7D%0A%20%20%20%20%0Add%20%2F%2A%20A%20definition%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20margin%2Dbottom%3A%200%2E5em%3B%0A%20%20%20%20%7D%0A%20%0Add%2Bdd%20%2F%2A%202nd%20or%20greater%20definition%20of%20a%20term%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20border%2Dtop%3A%201px%20solid%20black%3B%20%2F%2A%20To%20separate%20multiple%20definitions%20%2A%2F%0A%20%20%20%20%7D%0A%20%20%20%20%0A%2F%2A%20%2D%2D%2D%2D%20Footnotes%20%2D%2D%2D%2D%20%2A%2F%0A%20%0Aa%2Efootnote%2C%20a%2EfootnoteRef%20%7B%20%2F%2A%20Pandoc%2C%20MultiMarkdown%20footnote%20links%20%2A%2F%0A%20%20%20%20font%2Dsize%3A%20small%3B%20%0A%20%20%20%20vertical%2Dalign%3A%20text%2Dtop%3B%0A%7D%0A%20%0Aa%5Bhref%5E%3D%22%23fnref%22%5D%2C%20a%2Ereversefootnote%20%2F%2A%20Pandoc%2C%20MultiMarkdown%2C%20%3F%3F%20footnote%20back%20links%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0A%40media%20print%0A%20%20%20%20%7B%0A%20%20%20%20a%5Bhref%5E%3D%22%23fnref%22%5D%2C%20a%2Ereversefootnote%20%2F%2A%20Pandoc%2C%20MultiMarkdown%20%2A%2F%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%2F%2A%20Don%27t%20display%20these%20at%20all%20in%20print%20since%20the%20arrow%20is%20only%20something%20to%20click%20on%20%2A%2F%0A%20%20%20%20%20%20%20%20display%3A%20none%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20%0Adiv%2Efootnotes%20%2F%2A%20Pandoc%20footnotes%20div%20at%20end%20of%20the%20document%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%20%20%20%0Adiv%2Efootnotes%20li%5Bid%5E%3D%22fn%22%5D%20%2F%2A%20A%20footnote%20item%20within%20that%20div%20%2A%2F%0A%20%20%20%20%7B%0A%20%20%20%20%7D%0A%20%0A%2F%2A%20You%20can%20class%20stuff%20as%20%22noprint%22%20to%20not%20print%2E%20%0A%20%20%20Useful%20since%20you%20can%27t%20set%20this%20media%20conditional%20inside%20an%20HTML%20element%27s%20%0A%20%20%20style%20attribute%20%28I%20think%29%2C%20and%20you%20don%27t%20want%20to%20make%20another%20stylesheet%20that%20%0A%20%20%20imports%20this%20one%20and%20adds%20a%20class%20just%20to%20do%20this%2E%0A%2A%2F%0A%20%0A%40media%20print%0A%20%20%20%20%7B%0A%20%20%20%20%2Enoprint%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20display%3Anone%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A" rel="stylesheet" type="text/css" />
11</head>
12<body>
13<div id="header">
14<h1 class="title">Installing and Using PGP</h1>
15<h2 class="author">pokui@nsrc.org</h2>
16</div>
17<div id="TOC">
18<ul>
19<li><a href="#notes"><span class="toc-section-number">1</span> Notes</a></li>
20<li><a href="#installation-and-use."><span class="toc-section-number">2</span> Installation and use.</a><ul>
21<li><a href="#install-gnupg-aka-pgpgpg"><span class="toc-section-number">2.1</span> Install GnuPG (aka PGP/GPG)</a></li>
22<li><a href="#generate-a-publicprivate-key-pair"><span class="toc-section-number">2.2</span> Generate a public/private key pair</a></li>
23<li><a href="#encrypt-with-gpg-using-public-key"><span class="toc-section-number">2.3</span> Encrypt with GPG using public key</a></li>
24<li><a href="#decrypting-files"><span class="toc-section-number">2.4</span> Decrypting files</a></li>
25<li><a href="#encrypting-email"><span class="toc-section-number">2.5</span> Encrypting email</a></li>
26</ul></li>
27<li><a href="#distributing-and-trusting-keys."><span class="toc-section-number">3</span> Distributing and trusting keys.</a><ul>
28<li><a href="#exporting-your-public-key-with-gpg"><span class="toc-section-number">3.1</span> Exporting your public key with GPG</a></li>
29<li><a href="#exchanging-keys"><span class="toc-section-number">3.2</span> Exchanging keys</a><ul>
30<li><a href="#mailing-keys."><span class="toc-section-number">3.2.1</span> mailing keys.</a></li>
31<li><a href="#receiving-and-importing-the-key-of-another-group-so-you-can-encrypt"><span class="toc-section-number">3.2.2</span> Receiving (and importing) the key of another group (so you can encrypt</a></li>
32</ul></li>
33<li><a href="#encrypting-files-for-your-colleague-to-read-optional."><span class="toc-section-number">3.3</span> encrypting files for your colleague to read (optional).</a></li>
34<li><a href="#encrypted-email."><span class="toc-section-number">3.4</span> encrypted email.</a></li>
35</ul></li>
36</ul>
37</div>
38<h1 id="notes"><a href="#notes"><span class="header-section-number">1</span> Notes</a></h1>
39<ul>
40<li>Commands preceded with &quot;$&quot; imply that you should execute the command as a general user - not as root.</li>
41<li>Commands preceded with &quot;#&quot; imply that you should be working as root.</li>
42<li>Commands with more specific command lines (e.g. &quot;RTR-GW&gt;&quot; or &quot;mysql&gt;&quot;) imply that you are executing commands on remote equipment, or within another program.</li>
43</ul>
44<h1 id="installation-and-use."><a href="#installation-and-use."><span class="header-section-number">2</span> Installation and use.</a></h1>
45<p>We're going to use PGP to perform encryption. First we need to install the software, then generate a public/private key pair, as we learned about during lectures.</p>
46<h2 id="install-gnupg-aka-pgpgpg"><a href="#install-gnupg-aka-pgpgpg"><span class="header-section-number">2.1</span> Install GnuPG (aka PGP/GPG)</a></h2>
47<p>This is heavily platform dependent. Download from any of the following sources depending on your operating system:</p>
48<ul>
49<li>https://www.gpg4win.org/ for windows</li>
50<li>https://www.gpgtools.org/ for OS X</li>
51</ul>
52<p>If you are using Linux then use your package manager. e.g for ubuntu:</p>
53<pre><code>$ sudo apt-get install gnupg
54$ sudo apt-get install rng-tools
55$ sudo sed -i -e 's|#HRNGDEVICE=/dev/hwrng|HRNGDEVICE=/dev/urandom|' /etc/default/rng-tools
56$ sudo service rng-tools start</code></pre>
57<p>Note that the last two steps in the Ubuntu installation notes above allow you to generate some randomness required to generate a key which is what we're going to do next.</p>
58<p>Depending on your choices while installing you may get a GUI installed, we shall use the command line which should get installed with all options. Feel free to click around the GUIs for the equivalent actions. For windows the Kleopatra GUI seems to be more intuitive but that's the opinion of the (non windows based) author.</p>
59<h2 id="generate-a-publicprivate-key-pair"><a href="#generate-a-publicprivate-key-pair"><span class="header-section-number">2.2</span> Generate a public/private key pair</a></h2>
60<p>For this step I highly recommend that you use the GUI if you installed one and figure out what to put in the various prompts as most users will generate keys this way.</p>
61<p>Run the command:</p>
62<pre><code>$ gpg --gen-key</code></pre>
63<p>you should get a menu (after some text saying:)</p>
64<pre><code>Please select what kind of key you want:
65   (1) RSA and RSA (default)
66   (2) DSA and Elgamal
67   (3) DSA (sign only)
68   (4) RSA (sign only)
69Your selection?</code></pre>
70<p>Press '1' and return.</p>
71<p>You will then be prompted to pick a key size:</p>
72<pre><code>RSA keys may be between 1024 and 4096 bits long.
73What keysize do you want? (2048)</code></pre>
74<p>Press return to accept the default of 2048</p>
75<pre><code>Requested keysize is 2048 bits</code></pre>
76<p>You will then have to decide if the key will expire in time, or remain active until explicitly revoked</p>
77<pre><code>Please specify how long the key should be valid.
78         0 = key does not expire
79      &lt;n&gt;  = key expires in n days
80      &lt;n&gt;w = key expires in n weeks
81      &lt;n&gt;m = key expires in n months
82      &lt;n&gt;y = key expires in n years
83Key is valid for? (0)</code></pre>
84<p>Press '0' and return.</p>
85<pre><code>Key does not expire at all
86Is this correct? (y/N)</code></pre>
87<p>Answer 'y', then return.</p>
88<pre><code>You need a user ID to identify your key; the software constructs the user ID
89from the Real Name, Comment and Email Address in this form:
90    &quot;Heinrich Heine (Der Dichter) &lt;heinrichh@duesseldorf.de&gt;&quot;</code></pre>
91<p>Here, enter your name, email, and an optional comment about this key:</p>
92<pre><code>Real name: Bob Bobson       &lt;-- use your name ...
93Email address: bob@bob.com  &lt;-- ... and email address here!
94Comment: sanog key          &lt;-- you can leave this blank</code></pre>
95<p>You will be asked to confirm:</p>
96<pre><code>You selected this USER-ID:
97    &quot;Bob Bobson (sanog key) &lt;bob@bob.com&gt;&quot;
98
99Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?</code></pre>
100<p>Type 'O' then return.</p>
101<p>You are then asked to enter a passphrase to protect your key:</p>
102<pre><code>You need a Passphrase to protect your secret key.
103
104gpg: gpg-agent is not available in this session
105Enter passphrase:</code></pre>
106<p>Pick a passphrase that is short enough to be typed without too much difficulty, but not too short that it can be guessed. The passphrase will not be shown.</p>
107<p>You will be asked to enter the passphrase twice.</p>
108<pre><code>Repeat passphrase:</code></pre>
109<p>You can also use the following command to list the keys in your keyrings:</p>
110<pre><code>$ gpg --list-keys</code></pre>
111<p>This will show you a list of keys. You will notice that you have not only one public/private key pair, but also have a so-called &quot;sub&quot; keys.</p>
112<pre><code>/home/sanog/.gnupg/secring.gpg
113-------------------------------
114sec   2048R/C9FBE546 2013-07-30
115uid                  Bob Bobson (sanog key) &lt;bob@bob.com&gt;
116ssb   2048R/3BE8FE75 2013-07-30</code></pre>
117<p>One interesting feature of PGP is the ability to <em>sign</em> keys. This means that you can ask a third party you trust, and more importantly, who trusts you, to use their <em>private</em> key to &quot;sign&quot; <em>your</em> <em>public</em> key. This is a way for them to say &quot;I believe this person really is who they say they are, and here's my proof&quot;.</p>
118<ul>
119<li>Why is it necessary to sign keys ?</li>
120<li>Can anyone create a key and pretend to be another person ?</li>
121<li>Can you think of a way to make sure that a given key really belongs to the person listed on the key ?</li>
122<li>What do you think are the benefits of signing keys ?</li>
123</ul>
124<p>Sometimes, you will find that it is necessary to get rid of &quot;old&quot; keys, and make some new ones. But what if many people have signed your key ?</p>
125<p>Not to worry! People who have signed your key actually sign your &quot;Master key&quot;.</p>
126<p>Master keys are used to sign sub keys. Which means, that you can replace those, and still benefit from the &quot;trust&quot; of those who have signed your master key..</p>
127<h2 id="encrypt-with-gpg-using-public-key"><a href="#encrypt-with-gpg-using-public-key"><span class="header-section-number">2.3</span> Encrypt with GPG using public key</a></h2>
128<p>It's time to encrypt files with GPG.</p>
129<p>Create a plain text file called &quot;my-secrets-myname.txt&quot; using your favourite text editor. On windows use notepad rather than microsoft word. On Linux (and OS X) you can use &quot;vi&quot; from the terminal or a GUI text editor with the following contents. Remember that for windows you're better off creating a directory say c:where you'll put this file and &quot;cd&quot; to it before running the gpg commands bellow.</p>
130<pre><code>My name is &quot;My Name&quot;
131
132My credit card number is 1234-5678-9012-3456
133
134The password for my phone is 42</code></pre>
135<p>Once that is done, let's encrypt the file:</p>
136<pre><code>gpg -e my-secrets-myname.txt</code></pre>
137<p>GPG is going to tell you you didn't include a recipient / user ID.</p>
138<pre><code>You did not specify a user ID. (you may use &quot;-r&quot;)
139
140Current recipients:
141
142Enter the user ID.  End with an empty line:</code></pre>
143<p>Here, you can just write your own email (userid) you chose earlier, for example: bob@bob.com if that is your email:</p>
144<pre><code>Current recipients:
1452048R/3BE8FE75 2013-07-30 &quot;Bob Bobson (sanog key) &lt;bob@bob.com&gt;&quot;</code></pre>
146<p>It then asks you if there are other recipients. Just press RETURN to continue without adding more recipients.</p>
147<p>Normally, GPG should finish quietly and leave you back at the shell.</p>
148<p>Verify that you now have encrypted files present in your directory:</p>
149<pre><code>$ ls -l my-secrets-myname.txt*
150-rw-rw-r-- 1 sanog sanog 102 Jul 30 12:45 my-secrets-myname.txt
151-rw-rw-r-- 1 sanog sanog 441 Jul 30 14:30 my-secrets-myname.txt.gpg</code></pre>
152<p>or on windows:</p>
153<pre><code>C:\exercise&gt;dir
154 Volume in drive C has no label.
155 Volume Serial Number is 0CB2-23B5
156
157 Directory of C:\exercise
158
15901/18/2014  05:04 AM    &lt;DIR&gt;          .
16001/18/2014  05:04 AM    &lt;DIR&gt;          ..
16101/18/2014  05:03 AM               105 my-secrets-myname.txt
16201/18/2014  05:04 AM               443 my-secrets-myname.txt.gpg
163               2 File(s)            548 bytes
164               2 Dir(s)  47,657,218,048 bytes free
165
166C:\exercise&gt;</code></pre>
167<p>if you try to view the contents of this file you'll find that it's a binary blob. e.g. on linux:</p>
168<pre><code>$ cat my-secrets-myname.txt.gpg</code></pre>
169<p>or on windows:</p>
170<pre><code>C:\exercise&gt;type my-secrets-myname.txt.gpg</code></pre>
171<p>Let's encrypt with an ASCII encoding - and this time we'll save time and specify the recipient directly with the '-r' flag:</p>
172<pre><code>$ gpg -a -e -r bob@bob.com my-secrets-myname.txt</code></pre>
173<p>By the way, do you notice anything ?</p>
174<p>Hint: Did you have to specify the passphrase at any point to ENCRYPT ?</p>
175<p>Check the contents of the directory again:</p>
176<pre><code>$ ls -l my-secrets-myname.txt*
177-rw-rw-r-- 1 sanog sanog 102 Jul 30 12:45 my-secrets-myname.txt
178-rw-rw-r-- 1 sanog sanog 441 Jul 30 14:30 my-secrets-myname.txt.gpg
179-rw-rw-r-- 1 sanog sanog 694 Jul 30 14:40 my-secrets-myname.txt.asc</code></pre>
180<p>You should see an &quot;.asc&quot; file present.</p>
181<p>Look at its contents!</p>
182<p>Now, you can delete the original .txt file.</p>
183<pre><code>$ rm my-secrets-myname.txt</code></pre>
184<h2 id="decrypting-files"><a href="#decrypting-files"><span class="header-section-number">2.4</span> Decrypting files</a></h2>
185<p>To decrypt a file with GnuPG/PGP, all you have to do is type:</p>
186<pre><code>$ gpg my-secrets-myname.txt.asc</code></pre>
187<p>GnuPG/GPG automatically figures out who the file is encrypted for, and checks to see if you are in possession of the private key (you are), and you are prompted for your <em>passphrase</em>:</p>
188<pre><code>You need a passphrase to unlock the secret key for
189user: &quot;Bob Bobson (sanog key) &lt;bob@bob.com&gt;&quot;
1902048-bit RSA key, ID 3BE8FE75, created 2013-07-30 (main key ID C9FBE546)
191
192gpg: gpg-agent is not available in this session
193Enter passphrase:</code></pre>
194<p>If the file original file still exists, then gpg will ask you before it overwrites it:</p>
195<pre><code>File `my-secrets-myname.txt' exists. Overwrite? (y/N) y</code></pre>
196<p>If you answer 'y', it will overwrite as indicated.</p>
197<p>Look at the contents of the file 'my-secrets-myname.txt' and confirm that they are correctly decrypted!</p>
198<h2 id="encrypting-email"><a href="#encrypting-email"><span class="header-section-number">2.5</span> Encrypting email</a></h2>
199<p>The tools you downloaded also include plugins for the various mail user agents that are commonly used on the relevant platform. E.g if you use mail.app on OS X you already have a GNU PG plugin installed and for windows GpgOL will have installed an Outlook plugin.</p>
200<p>If you use Thunderbird, you have to download and install enigmail using your Add-ons manager. The most important configuration item you'll have to specify is the location of the gpg binary. On OS X that is /usr/local/bin/gpg which will be a symlink to /usr/local/MacGPG2/bin/gpg2. On windows &quot;C:Files.exe&quot;.</p>
201<p>In either case you end up with a compose window that includes an &quot;OpenPGP&quot; selection that allows you to pick a key and encrypt the email to that person.</p>
202<p>Question: How do you get the public key of the person you want to send the email to? And how do you ensure that the key that you've received is in fact for the person you want to send the mail to?</p>
203<p>For now you should be able to send yourself an encrypted email and receive it and decrypt it in your mailer. Try that now.</p>
204<h1 id="distributing-and-trusting-keys."><a href="#distributing-and-trusting-keys."><span class="header-section-number">3</span> Distributing and trusting keys.</a></h1>
205<h2 id="exporting-your-public-key-with-gpg"><a href="#exporting-your-public-key-with-gpg"><span class="header-section-number">3.1</span> Exporting your public key with GPG</a></h2>
206<p>The first step is to export your public key in a form that can be copied and imported by your colleagues.</p>
207<p>Remember, to see which keys you have in your key ring, use the following command:</p>
208<pre><code>$ gpg --list-keys</code></pre>
209<p>The output will be a list of the keys contained in your keyring:</p>
210<pre><code>/home/sysadmY/.gnupg/pubring.gpg
211-------------------------------
212pub   2048R/C9FBE546 2013-07-30
213uid                  Bob Bobson (sanog key) &lt;bob@bob.com&gt;
214sub   2048R/3BE8FE75 2013-07-30</code></pre>
215<p>Let's make a copy of our public key, and place it in a text file, ready to be sent to our friends and colleagues.</p>
216<p>Note: a key can be addressed in one of several ways:</p>
217<ul>
218<li>using the fingerprint (here, C9FBE546) - this is the preferred method as it's garanteed to be unique</li>
219<li>using an email address, for example, bob@bob.com</li>
220<li>using part of the name (&quot;bob&quot;) - but there can be many people called &quot;bob&quot; in your keyring!</li>
221</ul>
222<p>We'll use the email address:</p>
223<pre><code>$ gpg --export -a --output myname-key.asc my@email.address</code></pre>
224<p>... of course, replace myname with your name (no spaces!) and replace me@email.address with the email address you entered when you created your key in the previous exercise. That is the email address you see when running &quot;gpg --list-keys&quot;.</p>
225<p>This will produce a file &quot;myname-key.asc&quot;. You can view its contents using the &quot;less&quot; or &quot;more&quot; command:</p>
226<pre><code>$ less myname-key.asc</code></pre>
227<p>You will see something similar:</p>
228<pre><code>-----BEGIN PGP PUBLIC KEY BLOCK-----
229Version: GnuPG v1.4.11 (GNU/Linux)
230
231mQENBFH3yPkBCAC2DHRIk6FXiovejBXlNgZdnapHqq7OwascfluD+qX7wDk93etX
2324Y+GfSLC2vlC4tNlB9VEYgMAY61sQC31ZoY9vr5MfJnZPcN+3Byzx2G0d8lwnH0g
233[...]
234t1CdT+UawL0dWu4bkNHjC8qwBgOPedS/VBJqlJl4TWg832CXRYI=
235-----END PGP PUBLIC KEY BLOCK-----</code></pre>
236<h2 id="exchanging-keys"><a href="#exchanging-keys"><span class="header-section-number">3.2</span> Exchanging keys</a></h2>
237<p>Let's stop for a second and think:</p>
238<ul>
239<li><p>To be able to <em>encrypt</em> files that only a certain person can decrypt, you will need a copy of THEIR public key</p></li>
240<li><p>Therefore, if someone else in the class wants to send you an encrypted file or a message, then will need a copy of YOUR public key</p></li>
241</ul>
242<p>This is a three step approach:</p>
243<ol style="list-style-type: decimal">
244<li><p>Import the key of the person you wish to send encrypted files/messages to</p></li>
245<li><p>Encrypt the message/file using the public key of that person (recipient)</p></li>
246<li><p>Communicate (copy) the message to the recipient</p></li>
247</ol>
248<p>NOTE NOTE NOTE: You don't have to send your key to the same person/group you received a key from. You can pick another group.</p>
249<p>Once you've agreed who you will send messages to, and which other person you will receive messages from, proceed with the steps below:</p>
250<h3 id="mailing-keys."><a href="#mailing-keys."><span class="header-section-number">3.2.1</span> mailing keys.</a></h3>
251<p>For now we shall mail each other the <em>public</em> key that we've just created. Ensure that you do <em>not</em> send anyone your <em>private</em> key. Note that this is very insecure. If anyone intercepts this email they can easily replace the attachment.</p>
252<p>Open your mail client and attach the key you just exported as a file. (Some PGP plugins for mail clients allow you to do both the export and exchange step within the mailer)</p>
253<h3 id="receiving-and-importing-the-key-of-another-group-so-you-can-encrypt"><a href="#receiving-and-importing-the-key-of-another-group-so-you-can-encrypt"><span class="header-section-number">3.2.2</span> Receiving (and importing) the key of another group (so you can encrypt</a></h3>
254<p>When you receive the email, save the attachment and either use your GUI to add it to your keyring (look for an &quot;import&quot; option) or do this from the command line:</p>
255<pre><code>$ gpg --import theirname-key.asc</code></pre>
256<p>You will see:</p>
257<pre><code>gpg: key E24ACC69: public key &quot;Alice (Alice) &lt;alice@eve.com&gt;&quot; imported
258gpg: Total number processed: 1
259gpg:               imported: 1  (RSA: 1)</code></pre>
260<p>At this point, the key of your correspondent is now imported into your keyring.</p>
261<p>Verify this:</p>
262<pre><code>$ gpg --list-keys</code></pre>
263<p>The output should be similar to this:</p>
264<pre><code>/home/sysadmY/.gnupg/pubring.gpg
265-------------------------------
266pub   2048R/C9FBE546 2013-07-30
267uid                  Bob Bobson (sanog key) &lt;bob@bob.com&gt;
268sub   2048R/3BE8FE75 2013-07-30
269
270pub   2048R/E24ACC69 2013-07-31
271uid                  Alice (Alice) &lt;alice@eve.com&gt;
272sub   2048R/438E172B 2013-07-31</code></pre>
273<p>... note that your public keyring now contains two keys!</p>
274<p>Note: you can verify that you still only have your own SECRET key in your SECRET keyring - verify this with the command:</p>
275<pre><code>$ gpg --list-secret-keys</code></pre>
276<p>... you should only see your own key. This is expected: you only imported the PUBLIC key of your colleague.</p>
277<h2 id="encrypting-files-for-your-colleague-to-read-optional."><a href="#encrypting-files-for-your-colleague-to-read-optional."><span class="header-section-number">3.3</span> encrypting files for your colleague to read (optional).</a></h2>
278<p>You could opt to encrypt the text file we had earlier and chose your collegue's key instead of yours as follows: (don't do this for now)</p>
279<pre><code>$ gpg -a -e -r alice@eve.com my-secrets-myname.txt</code></pre>
280<p>You will see output similar to this:</p>
281<pre><code>gpg: 438E172B: There is no assurance this key belongs to the named user
282
283pub  2048R/438E172B 2013-07-31 Alice (Alice) &lt;alice@eve.com&gt;
284 Primary key fingerprint: 23F5 A6B0 98CC C571 B8DE  9B29 9EDB 8FBE E24A CC69
285      Subkey fingerprint: 7062 E046 C0B6 993A 6C62  5E57 657D 4930 438E 172B
286
287It is NOT certain that the key belongs to the person named
288in the user ID.  If you *really* know what you are doing,
289you may answer the next question with yes.
290
291Use this key anyway? (y/N) y</code></pre>
292<p>Notice how you are being informed that you have no proof that this key really belongs to this person...</p>
293<p>Think about the implications!</p>
294<p>Note: you might be told the file already exists and you should overwrite it:</p>
295<pre><code>File `my-secrets-myname.txt.asc' exists. Overwrite? (y/N)</code></pre>
296<p>You should end up with a new file that is only decryptable by alice@eve.com. You then have to figure out how to send it to them say by putting it on a flash disk or similar.</p>
297<h2 id="encrypted-email."><a href="#encrypted-email."><span class="header-section-number">3.4</span> encrypted email.</a></h2>
298<p>We shall skip to sending email. Open your mail client and send an email to alice@eve.com (replace this with a colleague for whom you have a key). Before clicking send, find the openPGP prompt and select &quot;encrypt&quot; and it should generate an email that will be sent to your colleague and they'll need to decrypt it to read it.</p>
299</body>
300</html>