Scribd
Upload
8 views

Lab - 5 - Encrypting

Uploaded by

abdullahal8besy
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
8 views

Lab - 5 - Encrypting

Uploaded by

abdullahal8besy
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

LAB EXERCISE: Installing and using GnuPG to perform RSA encryption and digital signature

GnuPG is already pre-installed in Kali Linux. Check by typing the following command:
if which gpg >/dev/null; then
echo "Installed"
# ...
fi

Not installed, you can install GPG with the following command for GnuPG package
sudo apt-get install gnupg

Generate a public/private key pair (keypair)


gpg --full-generate-key

You should get a menu as shown below

What kind of key algorithm you want. Press '1' and ENTER.

[1] Next is the key size. Press ENTER to accept the default of 2048
[2] Key Validation: Press '1' and ENTER. (For one day validation)
[3] Then Answer 'y', then ENTER.

The next set of prompts constructs the identity.


o The Real name is your name : Your first name then Press ENTER
o Email address is the contact email for the key: [email protected]
o The optional Comment can identify a company, use, or version (you can leave
this blank)
o You are then asked to enter a passphrase to protect your key

You can also use the following command to list the keys in your keyrings:
gpg --list-keys

Export the Public key from the keyring to a file In ASCII Format
gpg --export -a USERID> public.txt

Export the Private key from the keyring to a file In ASCII Format
gpg --export-secret-keys -a USERID > private.txt

Create a plain text file called "yourname.txt" using your favorite text editor (Vi, Vim or nano text
editor)
gedit yourname.txt

And write the following


My name is "Your Name"

My credit card number is 1234-5678-9012-3456

The password for my phone is 4242


Sent your public key to a Keyserver using the command-line option --send-keys.
gpg --keyserver keyserver.ubuntu.com --send-keys <KeyID>

The option --recv-keys is used to retrieve keys from a keyserver


$ gpg --keyserver hkp://keyserver.ubuntu.com --search-key <KeyID>

Use the -e or --encrypt option to encrypt a file for particular user (-r) with an ASCII encoding (-
a)
gpg -a -e -r [email protected] yourname.txt

Verify that you now have encrypted files present in your directory:
ls -l yourname.txt*

To view the contents of this file


cat yourname.txt.asc

create digital signature for your file. You will be asked to enter your passphrase to unlock the
private key which is used for signing the document
With GnuPG, there are multiple methods of signing a file: gpg --output file.sig --clearsign file.txt
gpg --armor --output file.sig --sign file.txt
$ gpg --help | grep -i sign

You can use –detach-sign option to create a detached signature ( new file is created as signature)
$ gpg -a -o file.sig --detach-sig file.txt

you can list the signatures’s that got generated using the following command
$ gpg --list-sigs

When you receive keys, save the attachment and add it to your keyring (look for an "import"
option) or do this from the command line:
gpg –import public.txt

Upload your public key plus digital Signature along with the data to blackboard so your
instructor can verify it. (Public key + Digital Signature file + Text file)

To decrypt a file with GnuPG/PGP, all you can use -d or --decrypt to type the following
command:
gpg -d yourname.txt.asc

verify digital signature. In order to verify a detached signature, you need to have both the
signature file and the data file

$ gpg --verify file.sig file.txt

To decrypt a file with GnuPG/PGP, all you can use -d or --decrypt to type the following
command:
gpg -d yourname.txt.asc
Editing a GPG key
You can change expiration dates and passwords, sign or revoke keys, and add and remove emails
and photos by typing this command:
gpg --edit-key USERID

At the subprompt, help or a ? to get lists the available edit commands.


gpg >?

Change the expiration date for the key to 2 weeks


gpg > expire

Change password to “123456”


gpg > passwd

Delete GPG Key


To delete the key from keyring, first you need to delete the private key
gpg --delete-secret-key USERID

After that, you can delete the public key:


gpg --delete-key USERID

OR you can delete both at once by typing this command:

gpg --delete-secret-and-public-key USERID


Revocation:
Revoke your key when distributed to people and keyservers tells them that your key is no longer
valid, see (generate a revocation certificate for a public/private keypair)

$ gpg --output revoke.asc --gen-revoke <keyID>

After this, you need to import the revocation certificate into your public keyring:

$ gpg --import revoke.asc

Send the revoked key to the public keyserver

$ gpg --keyserver hkp://keyserver.ubuntu.com --send-keys <KeyID>

You might also like