[clug-talk] GPG success

Jarrod Major jmajor at nucleus.com
Sun Sep 4 23:27:24 PDT 2005 

Hey Gang,

Well I decided to tackle the GPG thing. For those of you that have been around 
long enough, you know that I have been interested in this since Aaron 
presented it to the group many moons ago. I was able to successfully set up a 
GPG key on my system in the past but could never figure out why I could not 
encrypt anything with it. People had complained that it was hard to verify me 
as well even though I thought I was using a well known keyserver.

So I went back to the drawing board as it were. I created a new key. I was 
curious that I was presented with only some of the choices for the kind of 
key I wanted from what I remembered from my last gen-key. I set up my 
previous key as RSA (a bad choice as I was to find out today). Today I set up 
my key as the default; (1) DSA and ElGamal. Upon checking the keys in my 
keyring, I found that most of them were also DSA. So I figured I was on to 
something. The subsequent notes beside the types should have been a clue as 
well, I suspect the RSA I had chosen previously would only enable me to sign 
but not encrypt. DSA and ElGamal appear to let you do both.

After a little tinkering and playing with settings, I now have my new key in 
place and KDE has a nice little applet called KGpg which allows me to manage 
my keys a little easier and see who I have at a glance amongst other things. 
It hooks into CLI for the advanced stuff but I am quite comfortable dealing 
with this now too. I have Kmail setup to use my new key and lo and behold I 
can now send fully encrypted messages! I sent a test to myself and when I 
checked my mail with Webmail, the message was in fact encrypted. When I 
received it in Kmail, it prompted me for my passphrase and once input, it 
gave me my decrypted message.

Very cool!

I think I have enough of a grasp of this now to impart my knowledge to anyone 
else interested in taking advantage of strong cryptography. However, 
following the directions at http://www.gnupg.org/gph/en/manual.html is pretty 
straightforward. I still have some questions myself but I feel confident that 
things are set up pretty well and I can deal with sending encrypted messages 
to anyone I have in my keyring and likewise I can encrypt files for the same.

I feel so empowered, I like that.

FYI, I will have my new user ID, email that the key is associated with and my 
new fingerprint (same as below) at the meting on Wednesday for anyone that 
wants it. And yes, I will show you my driver's license to verify that I am 
who I say I am. For those that have my old key, obviously you have to 
update... I haven't yet killed it but it isn't long for this world as I don't 
really know what use it could be at this point and it's just more confusing 
than anything else.

Good fun! I highly encourage everyone to try this out
-- 
Jarrod Major
4556 EFA8 EC69 7C54 EE33  C881 2C7C 0E10 2439 231E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/clug-talk_clug.ca/attachments/20050905/02981bc2/attachment.bin

More information about the clug-talk mailing list