Schlagwort-Archive: PGP

Create GPG Key

Not even to encrypt email content but files too it’s easily done using GPG2. So here we go:

gpg2 --full-gen-key

List your keys and get more detailed information:

gpg2 --list-keys
gpg2 --fingerprint <KEY-ID>

Generate revocation certificate or export key:

gpg --output revoke.asc --gen-revoke <KEY-EMAIL>
gpg --armor --output public-key.gpg --export <KEY-EMAIL>

To link your gpg key to an email address open your mail software, e.g. Evolution or Thunderbird, and add <KEY-ID> to your account settings.

A more detailed guide can be found on linode.com.

Set or Extend PGP Expiration Date

If expiration date of a pgp key got reached this key cannot be used for encryption. In general it’s a good choice to set an expiration date as mentioned on riseup.net:

People think that they don’t want their keys to expire, but you actually do. Why? Because you can always extend your expiration date, even after it has expired! This “expiration” is actually more of a safety valve or “dead-man switch” that will automatically trigger at some point. If you have access to the secret key material, you can untrigger it. The point is to setup something to disable your key in case you lose access to it (and have no revocation certificate).

It’s not hard to extend the expiration date. So here you go:

gpg2 --list-keys
gpg2 --edit-key <KEY-ID>

Now you’re in the gpg console. (By default, you’re working on the primary key.) If you need to update a sub-key:

gpg> expire
(follow prompts)
gpg> save

Now that you’ve updated your key, you can send it out:

gpg2 --keyserver pgp.mit.edu --send-keys <KEY-ID>

Thanks to the comment at superuser.com.

PGP Public Key

Datenschutz und -sicherheit steht dieser Tage dick angeschrieben. Neben der verschlüsselten Datenübertragung (SSL, VPN, etc.) gilt es auch, Daten auf Servern verschlüsselt abzulegen. Das gilt insbesondere für den elektronischen Postversand, da Webhoster (u.a.) praktisch unbegrenzten Zugriff auf unseren Mailverkehr besitzen.

PGP hat sich zu diesem Zweck als quasi Standard durchgesetzt. Entsprechende Schlüssel dafür zu Erstellen, benötigt zwar etwas Arbeit – Lohn ist eine sichere Kommunikation. Hier mein PGP-Schlüssel:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.22 (MingW32)

mQENBFPM7fEBCAC+o47v+Hd0bZ5xHjLz1e9AXUabzdVZD0Tj8JcQzem50rjH0IKo
fzeCmFvNZA3fQ2wDMtMgb57gu2IfbJ9EBBL4QlxXY3ZWHaA/EAl2WZIIr5sCKDUg
B3Smn41bvMf/iLgHMSU1ZXz7IZUVqPBjf7JYfUwS6cCNoYNCSbuNyEsyYI+kQrkI
gdjHZFKGYUnHviNN/cbbU2a2mA6hmKapqgfJ5yw/aVxKlLl6wGDqFp6QccDXY2L1
yxF0VKlTZkOaB3++TP3HK0w56b+COCUo8/As8ZzHAT8QuC1zaeqZUmu02lkJzyIg
Bd8XL+ALpNbfZsuTIkOlMoey1f96kUdsIHV3ABEBAAG0IUlCU0VmZWhzZSA8c2Vy
dmljZUBpYnNlLWZlaHNlLmRlPokBPwQTAQIAKQUCVgrb5gIbIwUJCWYBgAcLCQgH
AwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEMV6GzJFumOoZ90IAL5Wj2a/AqbNDEMg
oXpFeJ9KyU2/siyW6Cs49ODbFbK/D5NolL49bhISgRe6mJ+f+vJw9Fz6H29e+lW4
sKSWjjFVAOshNDpwL5D5TdRGP8VlkZlk63P9StIBq8gQXlwzoaQyFlg14UAlhNi0
CQDVtcgb/UrAjYfd3QRQkDGoI+KW+/MCk/q/2fxEmHDCtplUzopqiaD0H9AJybpb
tu4JO+kYSLATh6dQ8hMhDKBiTxw3oAOxnGJ6bHtxK9vtywtgkHwyeLtlIz13H0oX
OpOJ0aWYOKCOAiNZ7BdcrxFJe2nD+TqYunDEP0Tc8Jd/7uDu7G910R+lgl1GvMgd
sWjXnau0I0lCU0VmZWhzZSA8d2VibWFzdGVyQGlic2UtZmVoc2UuZGU+iQE/BBMB
AgApBQJWCttKAhsjBQkJZgGABwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQ
xXobMkW6Y6hCfgf/aHzWcU6o+CPpZCy2yxK89N4IgMEIjYhDWa1Kq14PH6htnMkF
6hiJCm7eByF+06GbIU++N+MqtLqx1/nQRjdJCwrfb0cIdfwmtRqNv0U6ESTdjmwL
vqhnM9g/KH4UqRt1hYlyf+GbMu9mfzLvH4uWROJKpCEWe2hdvubZYZHXRuVLAjb1
/rAf0z+jG3dE/q2CQd1++kgc6mPRt7ct4M3P2Z7nicf/XhohBzq8Y6pacGuMgg1/
NYUExj/9VSwLXPljBjPnNCj3GAvOdEFKP6VGYrkYs2RJP23FSVS2FpBz2UqUATb6
oyMigxDKak7c0kuKilxP8TVKeLQY2yRj6cKot7QlTWF0dGhpYXMgRmVoc2UgPG1m
ZWhzZUBpYnNlLWZlaHNlLmRlPokBQgQTAQIALAIbIwUJCWYBgAcLCQgHAwIBBhUI
AgkKCwQWAgMBAh4BAheABQJWCtv4AhkBAAoJEMV6GzJFumOoZzQH/1UXZ3MKOzdI
+GqMnE87SgD4fLCaFOjtZnALjXDefRzDtqUT2c21FPcpeyAHcxVeyYD70teLWD9w
P4iC1ZvZYO4NuZmhGOALSrNmwUbf50p5+rrvW37yycbhvzmHw7dIsx0DdvIWUhAQ
O/5YnQ1pACNIr1LPzpONgteRfC97adjTKW69l0/FoI5Sk1wVpNqxfDTu3/b1LX6C
gJF4EWEjQR62mssNJANsk0fcQ86XpAoEQs3OTLDUJyVqvZHJ1UZG5qGHIvIHWAdW
Af0c+TWZ4mp29aqINTomndbgUDIjrBAJmHI3UiqkEO5c4O5U8x/acOyxlgwhjCa6
QQ1eTMXhTte5AQ0EU8zt8QEIAN8pGlRJzlPAYsPDMvFXhBSp76dhloclVR/8atR4
lyTH6+UBARkUI0gYKlvd1wWzq9p2q077+pm4GyTCncYT6mOdIiVIZmahx8b6zMPp
Nj2PK/2VY5soIGawgenONSOGAVELW5BNWBuXJBCVGVZ4aogSdNTXsUYlRwTrE31K
lv+LcgyT3/0c+Xw41FPsZd3lGlzeaIejxAlsiCie1tqlJaGW9B475e75LZsqyTBU
QUqpW08cINh/KUXOST7mjTWo+UOr8XGybbc0VjwdOe/63bzF3aQ3MZ+rdhulZzLb
d7gsdTl3EEw7NIuzhsRr2wxpVOpZOdQ5vh0aYSCKiMULp8UAEQEAAYkBJQQYAQIA
DwUCU8zt8QIbDAUJCWYBgAAKCRDFehsyRbpjqMIYB/9WvXzhKbjYcU7L4K4rd7hS
rN5gGjl7H/cf0LtyqSm0+vQLfr84cjvpao8jV3l/NF/sZe5Z5ydqRajpLwRmNSpO
CZ3JPtxApzdidoafyQ2eV8psl8jC7s8tDPe/dM+BLG2uzFWeo4Pu1v/Sl7FMdmyg
YMwhA9qPxlHoAHwpGjMUieoNUeF3VkfZ8e3OK9hy6MEgcqCk9RgLZVGIwfDJp4VW
9+6hzFGmW32pvRDtfAqqoB3C0K/yE76p9Mn5CKX19SbX73n15S1zIgifcKZq0jWW
jG95cqCsHu8UcMud6VMOIPEAh/BZxREbr50Rkc5ZkkYBEjmPlNLTIMQdBmTA3FZq
=khKe
-----END PGP PUBLIC KEY BLOCK-----

Dieser Schlüssel gilt für folgende eMail-Adressen

  • service@ibse-fehse.de
  • webmaster@ibse-fehse.de

und wird über pool.sks-keyservers.net bzw. pgp.mit.edu zum Import bereitsgestellt.