3.5. GNU Privacy Guard (GPG)
GnuPG (GPG) is an open source version of PGP that allows you to sign and also encrypt a file or an email message. Signing maintains the integrity of the message or file, and encryption protects the confidentiality of the information it contains. In the case of email, GPG provides dual protection: it provides Data at Rest protection and also Data in Motion protection once the message has been sent across the network. Refer to Section 3.1, “Data at Rest” and Section 3.2, “Data in Motion” for more information about these concepts.
GPG is used to identify yourself and authenticate your communications, including those with people you do not know. GPG allows anyone reading a GPG-signed email to verify its authenticity. In other words, GPG allows someone to be reasonably certain that communications signed by you actually are from you. GPG is useful because it helps prevent third parties from altering code or intercepting conversations and altering the message.
3.5.1. Creating GPG Keys in GNOME
To create a GPG Key in GNOME, follow these steps:
- Install the Seahorse utility, which makes GPG key management easier:
~]# yum install seahorse
- To create a key, from the menu select , which starts the application Seahorse.
- From the menu select and then PGP Key. Then click .
- Type your full name, email address, and an optional comment describing who you are (for example: John C. Smith, jsmith@example.com, Software Engineer). Click. A dialog is displayed asking for a passphrase for the key. Choose a passphrase that is strong but also easy to remember. Click and the key is created.
Warning
If you forget your passphrase, you will not be able to decrypt the data.
To find your GPG key ID, look in the Key ID column next to the newly created key. In most cases, if you are asked for the key ID, prepend 0x to the key ID, as in 0x6789ABCD. You should make a backup of your private key and store it somewhere secure.
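The key ID lookup and private key backup described above can also be done from a terminal with the gpg command that Seahorse manages keys for. This is an added example, not part of the original guide: the function names, the sample key listing (constructed, with a made-up ID ending in 6789ABCD) and the backup file name are assumptions.

```shell
#!/bin/sh
# Added example: print key IDs in 0x form and back up a private key.

# Constructed sample of `gpg --list-secret-keys --with-colons` output.
# The key ID and fingerprint are made up for illustration.
SAMPLE_COLONS='sec:u:2048:1:0123456A6789ABCD:1300000000:::u:::scESC:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF0123456A6789ABCD:
uid:u::::1300000000::::John C. Smith (Software Engineer) <jsmith@example.com>:
ssb:u:2048:1:1111222233334444:1300000000::::::e:'

# Read colon-format key listings on stdin and print "0xSHORT 0xLONG" for
# each primary secret key ("sec" record). Field 5 is the 16-digit long ID;
# its last 8 digits are the short ID shown in the Key ID column.
# The long form is less prone to collisions, so prefer it when a tool accepts it.
key_ids() {
    awk -F: '$1 == "sec" { printf "0x%s 0x%s\n", substr($5, 9), $5 }'
}

# Export one private key, ASCII-armored, to a file only the owner can read.
# $1 = key ID (for example 0x0123456A6789ABCD), $2 = output file.
# gpg asks for the key passphrase; a failed or empty export is removed.
backup_secret_key() {
    (
        umask 077
        gpg --armor --export-secret-keys "$1" > "$2" && [ -s "$2" ]
    ) || { rm -f "$2"; echo "export of $1 failed" >&2; return 1; }
}

# Demonstration on the constructed sample (no keyring needed):
printf '%s\n' "$SAMPLE_COLONS" | key_ids

# Against a real keyring:
#   gpg --list-secret-keys --with-colons | key_ids
#   backup_secret_key 0x0123456A6789ABCD secret-key-backup.asc
```

Move the resulting backup file to offline or encrypted storage; it is still protected by the key passphrase, but anyone who obtains it can attempt to guess that passphrase.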