The program Passwords and Encryption Tools can be used to create and manage SSH and PGP keys. It can be accessed from the menu bar by going to Applications -> Accessories -> Passwords and Encryption Keys, and provides a nice way to manage encryption keys in perhaps a more user friendly manner; although everything done using this tool can also be accomplished in the terminal.
In Ubuntu, encryption keys created using the Passwords and Encryption Keys program can be used to encrypt files by right clicking on them and selecting Encrypt, but apparently this option is not available in Fedora 13 (At least I don’t seem to have it).
Creating a New PGP Key
Before encrypting files and mail, a new PGP key must first be created, unless you already have one, by going to File -> New. Select PGP Key and then select continue. Enter in your full name, email address, and a comment if you choose to. Under the advanced key options, the encryption method and other encryption settings can be modified if you know what you’re doing. By default the key will be created using RSA encryption.
When you’re ready, select create at the bottom of the screen. A screen will pop up and request the pass-phrase for the key. Enter in the pass-phrase and then hit next. It will take a few moments for the key to be generated.
This creates both a public and private key. The public key can be sent to anyone, and is used for encrypting files. The private key should not be shared with anyone and hidden in a safe place. It is used for decrypting files.
Encrypting Files With Your PGP Key
Encrypting files and folders can be done by using the gpg command. However, only files can be encrypted using gpg. To encrypt a folder, use the tar command to create a gzipped tar file, and then encrypt the compressed tar file. To get started, open up a terminal and enter in the command below:
gpg --list-keys
This will list all of your PGP keys, but the public key id can also be found on the right side of the Passwords and Encryption Keys window. Take note of the key id for the public key you just created. To encrypt a file run the following command, where [key id] is the id of your public key and [file] is the file you wish to encrypt:
gpg --default-key [key id] --encrypt [file]
Make sure any files that are encrypted are not stored with the private key, or this would defeat the purpose of encrypting a file since the private key is used for decryption.
To decrypt a file run the following command:
gpg --output [output file name] --decrypt [encrypted file].
Encrypting Mail Using Thunderbird
In order to encrypt mail messages, Thunderbird requires the enigmail addon, which can be downloaded through yum.
sudo yum install thunderbird-enigmail
Once enigmail is installed, open up Thunderbird. In the menu bar should be a new drop-down menu titled OpenPGP. Go to OpenPGP – > Setup Wizard. Read through the next few screens carefully, and follow the steps. Everything is fairly straight forward, and there should be no difficulty in setting things up. Eventually a prompt will require the encryption key, and the one that was previously created can be chosen or alternatively a new one may be created. At the end of the setup process it will be possible to sign and encrypt all email messages through Thunderbird.
Blog RSS
Brad's Blog 