Gpg -gen-revoke will be asked for the reason that it is being revoked. This revocation key must be generated ahead of time and kept in a secure, separate location in case your computer is compromised or inoperable. This should be done as soon as you make the key pair, not when you need it. There is an easy way of doing this with the GPG software. You need to have a way of invalidating your key pair in case there is a security breach, or in case you lose your secret key. There is an article here about how to generate additional entropy with haveged, which may be of use.Create a Revocation Certificate This process may take a long time, depending on how active you can make your system. Install some software, do some work, and just use the machine as much as possible to let it generate the needed entropy. It is best to open a new terminal and ssh into the VPS while this runs. GPG uses this entropy to generate a random set of keys. This is basically a term to describe the amount of unpredictability that exists in a system. Please select what kind of key you want: (1) RSA and RSA (default)Įmail address: Optional comment that will be visible in your signatureĬhange (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? OĮnter passphrase: Enter a secure passphrase here (upper & lower case, digits, symbols)Īt this point, it will need to generate the keys using entropy. This will take you through a few questions that will configure your keys.
You can do this by issuing the following command:
To begin using GPG to encrypt your communications, you need to create a key pair. GPG should be installed by default on Ubuntu 12.04.
0 kommentar(er)
