Technology news and Jobs 
Our Blogs Apexing the Linux learning curve Data encryption and Ubuntu, Part II
Our Blogs Apexing the Linux learning curve Data encryption and Ubuntu, Part II | Data encryption and Ubuntu, Part II |
|
| Apexing the Linux learning curve - Linux for Learners | |
| by Hamish Taylor | |
| Thursday, 27 November 2008 | |
|
Page 2 of 3 Ubuntu 8.10 has a rather simple way of dealing with this: we create a PGP key and then we use that to encrypt and decrypt files.Featured Whitepaper
5 Best Practices for Smartphone Support
You can share the Public Key with anyone. Give it away; shout it from the mountaintops; put it on your business card or up on Facebook; it doesn't matter who has this. In fact, you can upload it to public servers such as pgp.mit.edu or keyserver.pgp.com so others can easily download it. I have a number of Public Keys up there, some of them quite old and no longer used. To be effective, PGP uses both the keys. If you have someone's Public Key and encrypt a file using it, then only the person with the corresponding Private Key can de-crypt it. Without that particular Private Key the file is just gibberish. The history and subject of how Public and Private Keys work is fascinating (to me anyway), full of really complex mathematics and not really appropriate for this article, so I am deliberately going to gloss over it. For the moment I'd refer you to the Wikipedia article about how Public Key cryptography works. Only the person who created the Private Key should ever have access to it. Thus you do NOT share the Private Key with anyone. Ultimately you'll be prompted for the password when using the Private Key anyway, so be sure to select a good, strong password, but I am getting ahead of myself, as now is the time to talk about how to actually make a Key Pair. Creating the key is actually incredibly simple. In Ubuntu, go to Applications, Accessories, Passwords and Encryption Keys. Click on the Key menu at the top left. Select "Create new key". Click PGP Key and click on Continue. Type in your Name, Email address and an optional comment. With the email address, if you are only going to use this key for encrypting files on your local computer, then you can type in <name>@local. If you want to use this key to send encrypted emails to other people (which I'll look at in Part III), then type in your own email address in full (not theirs, which is a mistake I made early on!). You can also elect to look at the advanced options, the only one of which I'd think about changing is the Expiration Date. By default, the key does not expire (this is probably a really good thing for local file encryption!). However, for email encryption you might want to set an expiration date, especially if you don't know if you'll have access to that email address for ever. For example, if you currently work at a company but might change jobs, or you're using this only for a short-term project. You will be prompted for a password and will need to type this in twice. This is a very important password. It should be of sufficient strength that no-one will be able to guess it and it and should not be forgotten! It is the only way that you have of altering this PGP key, and ultimately the only protection you have of asserting that this is your key. So, now we have generated the key, what do we do now? Please read onto page 3... |
|
| < Next story in category | Previous story in the category > |
|---|
