mirror of
https://github.com/Snigdha-OS/documentation.git
synced 2025-09-05 19:06:37 +02:00
📝 docs(_add): guide to generate gpg keys
This commit is contained in:
Eshan Roy
@@ -1,4 +1,180 @@
|
||||
---
|
||||
sidebar_position: 3
|
||||
---
|
||||
# Generate GPG Key
|
||||
# Generate GPG Key
|
||||
### 🔐 How to Generate a GPG Key on Snigdha OS
|
||||
|
||||
GPG (GNU Privacy Guard) is a tool for secure communication and data encryption. It allows you to create and manage public and private keys, encrypt files, and sign documents. Here’s how you can generate a GPG key on Snigdha OS, step by step, with examples.
|
||||
|
||||
---
|
||||
|
||||
### 🛠️ Step 1: Install GPG
|
||||
|
||||
Most Snigdha OS installations come with GPG pre-installed. If it’s not installed, use the following command to install it:
|
||||
|
||||
```bash
|
||||
sudo pacman -S gnupg
|
||||
```
|
||||
|
||||
To verify the installation, check the version:
|
||||
|
||||
```bash
|
||||
gpg --version
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
### 🛠️ Step 2: Create a New GPG Key Pair
|
||||
|
||||
1. **Start the key generation process**:
|
||||
|
||||
Run the following command:
|
||||
|
||||
```bash
|
||||
gpg --full-generate-key
|
||||
```
|
||||
|
||||
2. **Select the key type**:
|
||||
|
||||
You’ll see a prompt to choose the type of key. Options typically include:
|
||||
- **(1) RSA and RSA (default)**
|
||||
- (2) DSA and Elgamal
|
||||
- (3) DSA (sign only)
|
||||
- (4) RSA (sign only)
|
||||
|
||||
Press `1` and hit Enter to select the default **RSA and RSA** type.
|
||||
|
||||
3. **Set the key length**:
|
||||
|
||||
You’ll be prompted to specify the key size. A common recommendation is **4096 bits** for strong encryption. Type `4096` and press Enter.
|
||||
|
||||
4. **Set the expiration date**:
|
||||
|
||||
You can define how long the key should be valid. Options include:
|
||||
- `0` for no expiration
|
||||
- Specify a duration, e.g., `1y` for one year, `2y` for two years, or `1m` for one month.
|
||||
|
||||
For this example, type `0` (no expiration) and press Enter. When prompted, confirm your choice.
|
||||
|
||||
5. **Enter your details**:
|
||||
|
||||
You’ll be asked for:
|
||||
- **Your real name**: Enter your full name.
|
||||
- **Your email address**: Enter a valid email address.
|
||||
- **A comment (optional)**: Add a description or leave it blank.
|
||||
|
||||
Example:
|
||||
```
|
||||
Real name: John Doe
|
||||
Email address: johndoe@example.com
|
||||
Comment: Snigdha OS User
|
||||
```
|
||||
|
||||
Review the details and confirm by typing `O` (for OK).
|
||||
|
||||
6. **Set a passphrase**:
|
||||
|
||||
Choose a strong passphrase to protect your private key. This passphrase will be required whenever you use your private key for encryption or signing.
|
||||
|
||||
---
|
||||
|
||||
### 🛠️ Step 3: Verify the Generated Key
|
||||
|
||||
Once the key is generated, you can list your keys with:
|
||||
|
||||
```bash
|
||||
gpg --list-keys
|
||||
```
|
||||
|
||||
Output:
|
||||
```
|
||||
/home/username/.gnupg/pubring.kbx
|
||||
---------------------------------
|
||||
pub rsa4096 2023-12-05 [SC] [expires: 2025-12-05]
|
||||
ABCD1234EFGH5678IJKL9012MNOP3456QRST7890
|
||||
uid [ultimate] John Doe <johndoe@example.com>
|
||||
sub rsa4096 2023-12-05 [E] [expires: 2025-12-05]
|
||||
```
|
||||
|
||||
- **pub**: Your primary key (for signing and certification).
|
||||
- **sub**: Subkey (for encryption).
|
||||
- **[SC]**: Key capabilities: Sign and Certify.
|
||||
- **[E]**: Encryption.
|
||||
|
||||
---
|
||||
|
||||
### 🛠️ Step 4: Export Your Public Key
|
||||
|
||||
To share your public key with others, export it:
|
||||
|
||||
```bash
|
||||
gpg --armor --export johndoe@example.com > public_key.asc
|
||||
```
|
||||
|
||||
This creates a file `public_key.asc` with your public key in ASCII format.
|
||||
|
||||
To display the key in the terminal:
|
||||
|
||||
```bash
|
||||
gpg --armor --export johndoe@example.com
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
### 🛠️ Step 5: Test Encryption and Decryption
|
||||
|
||||
1. **Encrypt a file**:
|
||||
|
||||
Create a sample file to encrypt:
|
||||
|
||||
```bash
|
||||
echo "Hello, this is a test message!" > message.txt
|
||||
```
|
||||
|
||||
Encrypt the file with your public key:
|
||||
|
||||
```bash
|
||||
gpg --output message.txt.gpg --encrypt --recipient johndoe@example.com message.txt
|
||||
```
|
||||
|
||||
This generates an encrypted file `message.txt.gpg`.
|
||||
|
||||
2. **Decrypt the file**:
|
||||
|
||||
Decrypt the file using your private key:
|
||||
|
||||
```bash
|
||||
gpg --output decrypted_message.txt --decrypt message.txt.gpg
|
||||
```
|
||||
|
||||
Enter your passphrase when prompted. The decrypted content will be saved in `decrypted_message.txt`.
|
||||
|
||||
---
|
||||
|
||||
### 🛠️ Step 6: Back Up Your Keys
|
||||
|
||||
Always back up your keys to prevent losing access:
|
||||
|
||||
1. **Export your private key**:
|
||||
|
||||
```bash
|
||||
gpg --armor --export-secret-keys johndoe@example.com > private_key.asc
|
||||
```
|
||||
|
||||
2. **Export your public key**:
|
||||
|
||||
```bash
|
||||
gpg --armor --export johndoe@example.com > public_key.asc
|
||||
```
|
||||
|
||||
3. Store these files (`private_key.asc` and `public_key.asc`) in a safe place.
|
||||
|
||||
---
|
||||
|
||||
### 🚀 Final Tips
|
||||
|
||||
- Keep your private key secure. Never share it.
|
||||
- Regularly update your passphrase for added security.
|
||||
- Use tools like **gpg-agent** for easier key management.
|
||||
|
||||
That’s it! You now have a functional GPG key pair set up on Snigdha OS. 🎉
|
||||
Reference in New Issue
Block a user