[Discuss] PGP Basics
Jerry Feldman
gaf at blu.org
Mon Oct 10 19:06:28 EDT 2011
On 10/10/2011 11:14 AM, Kyle Leslie wrote:
> Hello everyone. With the recent talk about PGP and the growing need for its
> use at my company I have been trying to learn about it.
>
> I am having a mental roadblock with its usage though. I understand how
> encryption works but I can't seem to get through a few of the basics.
>
> How do I get my Key(s), how do I encrypt and send things encrypted
> (email, zips, etc.)? I am getting closer by playing around with the tools I
> have, but how do I know what are trusted sources?
>
> For instance, my company has a PGP Key server with the Symantec PGP Desktop
> application. For whatever reason 64-bit Windows is having a lot of trouble
> with the application so I decided to look elsewhere and check out some open
> source tools. I came across GNUPG.org, downloaded the Windows version and
> have created a key. So now I have my PGP Fingerprint (if I understand
> correctly that is my shared key so you can open my files). Do I then need
> to get the public key from the "Trusted Sender" in order to open anything
> they send? (I realize this is a Windows app I am talking about
> specifically, but the functionality of encrypting, sending and receiving
> files should be universal).
>
> Suggestions for good apps to run on a Linux machine?
>
> Are there separate applications/plug-ins I can download for email clients?

Basically you have 2 keys: a private key that is normally stored locally
in your keyring, and the public key that is also in your keyring.
Normally we upload our public keys to a public key server, such as
subkeys.pgp.net or pgp.mit.edu. Most Linux email programs either work
directly with GNUPG or have plugins, such as Enigmail on Thunderbird.
One issue I have with Enigmail is that occasionally when I get an update
on Thunderbird, I need a new Enigmail, but I may have to wait a day for
it to become available on the repo.

In general, in email we either digitally sign our emails so that the
recipient knows the email comes from us, or if we need to encrypt the
email, it is both encrypted and signed. So, if you have an email program
with a PGP or GPG plugin, you should detect that the email is signed,
and if you download my public key from a keyserver you will know it came
from me.

There are many ways to establish trust, such as an exchange of ids at a
key signing party, or privately.

If I want to send an encrypted email to you, I would encrypt it with
your public key so that the only way to decrypt it is with your private
key. Same way, if you want to send me an encrypted email, you can send
it encrypted with my public key, and I would decrypt it with my private
key. Theoretically this should work in Windows 64-bit.

--
Jerry Feldman<gaf at blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66 C0AF 7CEA 30FC 3BC1 EB90