110.3 Lesson 2

Certificate:

LPIC-1

Version:

5.0

Topic:

110 Security

Objective:

110.3 Securing data with encryption

Lesson:

2 of 2

Introduction

In the previous lesson we learned how to use OpenSSH to encrypt remote login sessions as well as any other subsequent exchange of information. There may be other scenarios where you may want to encrypt files or email so that they reach their recipient safely and free from prying eyes. You may also need to digitally sign those files or messages to prevent them from being tampered with.

A great tool for these types of uses is the GNU Privacy Guard (aka GnuPG or simply GPG), which is a free and open source implementation of the proprietary Pretty Good Privacy (PGP). GPG uses the OpenPGP standard as defined by the OpenPGP Working Group of the Internet Engineering Task Force (IETF) in RFC 4880. In this lesson we will be reviewing the basics of the GNU Privacy Guard.

Perform Basic GnuPG Configuration, Usage and Revocation

Just as with SSH, the underlying mechanism to GPG is that of asymmetric cryptography or public-key cryptography. A user generates a key pair which is made up of a private key and a public key. The keys are mathematically related in such a way that what is encrypted by one can only be decrypted by the other. For communication to take place successfully, the user has to send their public key to the intended recipient.

GnuPG Configuration and Usage

The command to work with GPG is gpg. You can pass it a number of options to carry out different tasks. Let us start by generating a key pair as user carol. For that, you will use the gpg --gen-key command:

carol@debian:~$ gpg --gen-key
gpg (GnuPG) 2.2.12; Copyright (C) 2018 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: directory '/home/carol/.gnupg' created
gpg: keybox '/home/carol/.gnupg/pubring.kbx' created
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name:

(...)

After informing you — amongst other things — that the configuration directory ~/.gnupg and your public keyring ~/.gnugpg/pubring.kbx have been created, gpg goes on to ask you to provide your real name and email address:

(...)
Real name: carol
Email address: carol@debian
You selected this USER-ID:
    "carol <carol@debian>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit?

If you are OK with the resulting USER-ID and press O, you will be then asked for a passphrase (it is recommended that it has enough complexity):

┌──────────────────────────────────────────────────────┐
│ Please enter the passphrase to                       │
│ protect your new key                                 │
│                                                      │
│ Passphrase:  │

(...)

Some final messages will be displayed telling you about the creation of other files as well as the keys themselves and then you are done with the key generation process:

(...)
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: /home/carol/.gnupg/trustdb.gpg: trustdb created
gpg: key 19BBEFD16813034E marked as ultimately trusted
gpg: directory '/home/carol/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/home/carol/.gnupg/openpgp-revocs.d/D18FA0021F644CDAF57FD0F919BBEFD16813034E.rev'
public and secret key created and signed.

pub   rsa3072 2020-07-03 [SC] [expires: 2022-07-03]
      D18FA0021F644CDAF57FD0F919BBEFD16813034E
uid                      carol <carol@debian>
sub   rsa3072 2020-07-03 [E] [expires: 2022-07-03]

You can now see what is inside the ~/.gnupg directory (GPG’s configuration directory):

carol@debian:~/.gnupg$ ls -l
total 16
drwx------ 2 carol carol 4096 Jul  3 23:34 openpgp-revocs.d
drwx------ 2 carol carol 4096 Jul  3 23:34 private-keys-v1.d
-rw-r--r-- 1 carol carol 1962 Jul  3 23:34 pubring.kbx
-rw------- 1 carol carol 1240 Jul  3 23:34 trustdb.gpg

Let us explain the use of each file:

opengp-revocs.d: The revocation certificate that was created along with the key pair is kept here. The permissions on this directory are quite restrictive as anyone who has access to the certificate could revoke the key (more on key revocation in the next subsection).
private-keys-v1.d: This is the directory that keeps your private keys, therefore permissions are restrictive.
pubring.kbx: This is your public keyring. It stores your own as well as any other imported public keys.
trustdb.gpg: The trust database. This has to do with the concept of Web of Trust (which is outside the scope of this lesson).

Note	The arrival of GnuPG 2.1 brought along some significant changes, such as the disappearance of the `secring.gpg` and `pubring.gpg` files in favour of `private-keys-v1.d` and `pubring.kbx`, respectively.

Once your key pair has been created, you can view your public keys with gpg --list-keys — which will display the contents of your public keyring:

carol@debian:~/.gnupg$ gpg --list-keys
/home/carol/.gnupg/pubring.kbx
------------------------------
pub   rsa3072 2020-07-03 [SC] [expires: 2022-07-03]
      D18FA0021F644CDAF57FD0F919BBEFD16813034E
uid           [ultimate] carol <carol@debian>
sub   rsa3072 2020-07-03 [E] [expires: 2022-07-03]

The hexadecimal string D18FA0021F644CDAF57FD0F919BBEFD16813034E is your public key fingerprint.

Note	Apart from the `USER-ID` (`carol` in the example), there is also the `KEY-ID`. The `KEY-ID` consists of the last 8 hexadecimal digits in your public key fingerprint (`6813 034E`). You can check your key fingerprint with the command `gpg --fingerprint USER-ID`.

Key Distribution and Revocation

Now that you have your public key, you should save it (i.e. export it) to a file so that you can make it available to your future recipients. They will then be able to use it to encrypt files or messages intended for you (since you are the only one in posssession of the private key, you will also be the only one able to decrypt and read them). Likewise, your recipients will also use it to decrypt and verify your encrypted or signed messages/files. The command to use is gpg --export followed by the USER-ID and a redirection to the output file name of your choice:

carol@debian:~/.gnupg$ gpg --export carol > carol.pub.key
carol@debian:~/.gnupg$ ls
carol.pub.key  openpgp-revocs.d  private-keys-v1.d  pubring.kbx  trustdb.gpg

Note	Passing the `-a` or `--armor` option to `gpg --export`(e.g.: `gpg --export --armor carol > carol.pub.key`) will create ASCII armored output (instead of the default binary OpenPGP format) which can be safely emailed.

As already noted, you must now send your public key file (carol.pub.key) to the recipient with whom you want to exchange information. For instance, let us send the public key file to ina on remote server halof using scp(secure copy):

carol@debian:~/.gnupg$ scp carol.pub.key ina@halof:/home/ina/
Enter passphrase for key '/home/carol/.ssh/id_ecdsa':
carol.pub.key                                                                                         100% 1740   775.8KB/s   00:00
carol@debian:~/.gnupg$

ina is now in the possession of carol.pub.key. She will use it to encrypt a file and send it to carol in the next section.

Note	Another means of public key distribution is through the use of key servers: you upload your public key to the server with the command `gpg --keyserver keyserver-name --send-keys KEY-ID` and other users will get (i.e. import) them with `gpg --keyserver keyserver-name --recv-keys KEY-ID`.

Let us close this section by discussing key revocation. Key revocation should be used when your private keys have been compromised or retired. The first step is to create a revocation certificate by passing gpg the option --gen-revoke followed by the USER-ID. You can precede --gen-revoke with the --output option followed by a destination file name specification to save the resulting certificate into a file (instead of having it printed on the terminal screen). The output messages throughout the revocation process are quite self-explanatory:

sonya@debian:~/.gnupg$ gpg --output revocation_file.asc --gen-revoke sonya

sec  rsa3072/0989EB7E7F9F2066 2020-07-03 sonya <sonya@debian>

Create a revocation certificate for this key? (y/N) y
Please select the reason for the revocation:
  0 = No reason specified
  1 = Key has been compromised
  2 = Key is superseded
  3 = Key is no longer used
  Q = Cancel
(Probably you want to select 1 here)
Your decision? 1
Enter an optional description; end it with an empty line:
> My laptop was stolen.
>
Reason for revocation: Key has been compromised
My laptop was stolen.
Is this okay? (y/N) y
ASCII armored output forced.
Revocation certificate created.

Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable.  But have some caution:  The print system of
your machine might store the data and make it available to others!

The revocation certificate has been saved to the file revocation_file.asc (asc for ASCII format):

sonya@debian:~/.gnupg$ ls
openpgp-revocs.d  private-keys-v1.d  pubring.kbx  revocation_file.asc  trustdb.gpg
sonya@debian:~/.gnupg$ cat revocation_file.asc
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: This is a revocation certificate

iQHDBCABCgAtFiEEiIVjfDnnpieFi0wvnlcN6yLCeHEFAl8ASx4PHQJzdG9sZW4g
bGFwdG9wAAoJEJ5XDesiwnhxT9YMAKkjQiMpo9Uyiy9hyvukPPSrLcmtAGLk4pKS
pLZfzA5kxa+HPQwBglAEvfNRR6VMxqXUgUGYC/IAyQQM62oNAcY2PCPrxyJNgVF7
8l4mMZKvW++5ikjZwyg6WWV0+w6oroeo9qruJFjcu752p4T+9gsHVa2r+KRqcPQe
aZ65sAvsBJlcsUDZqfWUXg2kQp9mNPCdQuqvDaKRgNCHA1zbzNFzXWVd2X5RgFo5
nY+tUP8ZQA9DTQPBLPcggICmfLopMPZYB2bft5geb2mMi2oNpf9CNPdQkdccimNV
aRjqdUP9C89PwTafBQkQiONlsR/dWTFcqprG5KOWQPA7xjeMV8wretdEgsyTxqHp
v1iRzwjshiJCKBXXvz7wSmQrJ4OfiMDHeS4ipR0AYdO8QCzmOzmcFQKikGSHGMy1
z/YRlttd6NZIKjf1TD0nTrFnRvPdsZOlKYSArbfqNrHRBQkgirOD4JPI1tYKTffq
iOeZFx25K+fj2+0AJjvrbe4HDo5m+Q==
=umI8
-----END PGP PUBLIC KEY BLOCK-----

To effectively revoke your private key, you now need to merge the certificate with the key, which is done by importing the revocation certificate file to your keyring:

sonya@debian:~/.gnupg$ gpg --import revocation_file.asc
gpg: key 9E570DEB22C27871: "sonya <sonya@debian>" revocation certificate imported
gpg: Total number processed: 1
gpg:    new key revocations: 1
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2022-07-04

List your keys now and you will be informed about your revoked key:

sonya@debian:~/.gnupg$ gpg --list-keys
/home/sonya/.gnupg/pubring.kbx
pub   rsa3072 2020-07-04 [SC] [revoked: 2020-07-04]
      8885637C39E7A627858B4C2F9E570DEB22C27871
uid           [ revoked] sonya <sonya@debian>

Last — but not least — make sure you make the revoked key available to any party that has public keys associated with it (including keyservers).

Use GPG to Encrypt, Decrypt, Sign and Verify Files

In the previous section, carol sent her public key to ina. We will use it now to discuss how GPG can encrypt, decrypt, sign and verify files.

Encrypting and Decrypting Files

First, ina must import carol's public key (carol.pub.key) into her keyring so that she can start working with it:

ina@halof:~> gpg --import carol.pub.key
gpg: /home/ina/.gnupg/trustdb.gpg: trustdb created
gpg: key 19BBEFD16813034E: public key "carol <carol@debian>" imported
gpg: Total number processed: 1
gpg:               imported: 1
ina@halof:~> gpg --list-keys
/home/ina/.gnupg/pubring.kbx
----------------------------
pub   rsa3072 2020-07-03 [SC] [expires: 2022-07-03]
      D18FA0021F644CDAF57FD0F919BBEFD16813034E
uid           [ unknown] carol <carol@debian>
sub   rsa3072 2020-07-03 [E] [expires: 2022-07-03]

Next you will create a file by writing some text into it and then encrypt it using gpg (because you did not sign carol's key, you will be explicitly asked if you want to use that key):

ina@halof:~> echo "This is the message ..." > unencrypted-message
ina@halof:~> gpg --output encrypted-message --recipient carol --armor --encrypt unencrypted-message
gpg: 0227347CC92A5CB1: There is no assurance this key belongs to the named user
sub  rsa3072/0227347CC92A5CB1 2020-07-03 carol <carol@debian>
 Primary key fingerprint: D18F A002 1F64 4CDA F57F  D0F9 19BB EFD1 6813 034E
      Subkey fingerprint: 9D89 1BF9 39A4 C130 E44B  1135 0227 347C C92A 5CB1

It is NOT certain that the key belongs to the person named
in the user ID.  If you really know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y

Let us break down the gpg command:

--output encrypted-message: Filename specification for the encrypted version of the original file (encrypted-message in the example).
--recipient carol: Recipient’s USER-ID specification (carol in our example). If not provided, GnuPG will ask for it (unless --default-recipient is specified).
--armor: This option produces ASCII armored output, which can be copied into an email.
--encrypt unencrypted-message: Filename specification of the original file to encrypt.

You can now send the encrypted-message to carol on debian using scp:

ina@halof:~> scp encrypted-message carol@debian:/home/carol/
carol@debian's password:
encrypted-message                                                             100%  736     1.8MB/s   00:00

If you log in as carol now and try to read the encrypted-message, you will confirm that it is actually encrypted and — therefore — unreadable:

carol@debian:~$ cat encrypted-message
-----BEGIN PGP MESSAGE-----

hQGMAwInNHzJKlyxAQv/brJ8Ubs/xya35sbv6kdRKm1C7ONLxL3OueWA4mCs0Y/P
GBna6ZEUCrMEgl/rCyByj3Yq74kuiTmzxAIRUDdvHfj0TtrOWjVAqIn/fPSfMkjk
dTxKo1i55tLJ+sj17dGMZDcNBinBTP4U1atuN71A5w7vH+XpcesRcFQLKiSOmYTt
F7SN3/5x5J6io4ISn+b0KbJgiJNNx+Ne/ub4Uzk4NlK7tmBklyC1VRualtxcG7R9
1klBPYSld6fTdDwT1Y4MofpyILAiGMZvUR1RXauEKf7OIzwC5gWU+UQPSgeCdKQu
X7QL0ZIBS0Ug2XKrO1k93lmDjf8PWsRIml6n/hNelaOBA3HMP0b6Ozv1gFeEsFvC
IxhUYPb+rfuNFTMEB7xIO94AAmWB9N4qknMxdDqNE8WhA728Plw6y8L2ngsplY15
MR4lIFDpljA/CcVh4BXVe9j0TdFWDUkrFMfaIfcPQwKLXEYJp19XYIaaEazkOs5D
W4pENN0YOcX0KWyAYX6r0l8BF0rq/HMenQwqAVXMG3s8ATuUOeqjBbR1x1qCvRQP
CR/3V73aQwc2j5ioQmhWYpqxiro0yKX2Ar/E6rZyJtJYrq+CUk8O3JoBaudknNFj
pwuRwF1amwnSZ/MZ/9kMKQ==
=g1jw
-----END PGP MESSAGE-----

However, as you are in possession of the private key, you can easily decrypt the message by passing gpg the --decrypt option followed by the path to the encrypted file (the private key’s passphrase will be required):

carol@debian:~$ gpg --decrypt encrypted-message
gpg: encrypted with 3072-bit RSA key, ID 0227347CC92A5CB1, created 2020-07-03
      "carol <carol@debian>"
This is the message ...

You can also specify the --output option to save the message into a new unencrypted file:

carol@debian:~$ gpg --output unencrypted-message --decrypt encrypted-message
gpg: encrypted with 3072-bit RSA key, ID 0227347CC92A5CB1, created 2020-07-03
      "carol <carol@debian>"
carol@debian:~$ cat unencrypted-message
This is the message ...

Signing and Verifying Files

Apart from encrypting, GPG can also be used to sign files. The --sign option is relevant here. Let us start by creating a new message (message) and signing it with the --sign option (your private key’s passphrase will be required):

carol@debian:~$ echo "This is the message to sign ..." > message
carol@debian:~$ gpg --output message.sig --sign message
(...)

Breakdown of the gpg command:

--output message: Filename specification of the signed version of the original file (message.sig in our example).
--sign message: Path to original file.

Note	Using `--sign` the document is compressed and then signed. The output is in binary format.

Next we will transfer the file to ina on halof using scp message.sig ina@halof:/home/ina . Back as ina on halof, you can now verify it by using the --verify option:

ina@halof:~> gpg --verify message.sig
gpg: Signature made Sat 04 jul 2020 14:34:41 CEST
gpg:                using RSA key D18FA0021F644CDAF57FD0F919BBEFD16813034E
gpg: Good signature from "carol <carol@debian>" [unknown]
(...)

If you also want to read the file, you have to decrypt it to a new file (message in our case) using the --output option:

ina@halof:~> gpg --output message --decrypt message.sig
gpg: Signature made Sat 04 jul 2020 14:34:41 CEST
gpg:                using RSA key D18FA0021F644CDAF57FD0F919BBEFD16813034E
gpg: Good signature from "carol <carol@debian>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: D18F A002 1F64 4CDA F57F  D0F9 19BB EFD1 6813 034E
ina@halof:~> cat message
This is the message to sign ...

GPG-Agent

We will round this lesson off by briefly touching upon gpg-agent. gpg-agent is the daemon that manages private keys for GPG (it is started on demand by gpg). To view a summary of the most useful options, run gpg-agent --help or gpg-agent -h:

carol@debian:~$ gpg-agent --help
gpg-agent (GnuPG) 2.2.4
libgcrypt 1.8.1
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Syntax: gpg-agent [options] [command [args]]
Secret key management for GnuPG

Options:

     --daemon                        run in daemon mode (background)
     --server                        run in server mode (foreground)
     --supervised                    run in supervised mode
 -v, --verbose                       verbose
 -q, --quiet                         be somewhat more quiet
 -s, --sh                            sh-style command output
 -c, --csh                           csh-style command output
(...)

Note	For more information, consult the `gpg-agent` man page.

Guided Exercises

Complete the table by providing the correct filename:

Description Filename

Trust database

Directory for revocation certificates

Directory for private keys

Public keyring
Answer the following questions:
- What type of cryptography is used by GnuPG?
- What are the two main components of public key cryptography?
- What is the KEY-ID of the public key fingerprint 07A6 5898 2D3A F3DD 43E3 DA95 1F3F 3147 FA7F 54C7?
- What method is used to distribute public keys at a global level?
Put the following steps in the right order concerning private key revocation:
- Make the revoked key available to your correspondents.
- Create a revocation certificate.
- Import the revocation certificate to your keyring.
  
  The correct order is:
  
  Step 1:
  
  Step 2:
  
  Step 3:
Regarding file encryption, what does the --armor option imply in the command gpg --output encrypted-message --recipient carol --armor --encrypt unencrypted-message?

Explorational Exercises

Most gpg options have both a long and a short version. Complete the table with the corresponding short version:

Long version Short version

--armor

--output

--recipient

--decrypt

--encrypt

--sign
Answer the following questions concerning key export:
- What command would you use to export all of your public keys to a file called all.key?
- What command would you use to export all of your private keys to a file called all_private.key?
What gpg option allows for carrying out most key management related tasks by presenting you with a menu?
What gpg option allows you to make a cleartext signature?

Summary

This lesson has covered the GNU Privacy Guard, an excellent choice to encrypt/decrypt and digitally sign/verify files. You learned:

how to generate a pair of keys.
how to list the keys in your keyring.
the contents of the ~/.gnupg directory.
what USER-ID and KEY-ID are.
how to distribute public keys to your correspondents.
how to globally distribute public keys through keyservers.
how to revoke private keys.
how to encrypt and decrypt files.
how to sign and verify files.
the basics of the GPG-Agent.

The following commands were discussed in this lesson:

gpg: OpenPGP encryption and signing tool.

Answers to Guided Exercises

Complete the table by providing the correct file name:

Description Filename

Trust database

trustdb.gpg

Directory for revocation certificates

opengp-revocs.d

Directory for private keys

private-keys-v1.d

Public keyring

pubring.kbx
Answer the following questions:
- What type of cryptography is used by GnuPG?
  
  Public key cryptography or asymmetric cryptography.
- What are the two main components of public key cryptography?
  
  The public and the private keys.
- What is the KEY-ID of the public key fingerprint 07A6 5898 2D3A F3DD 43E3 DA95 1F3F 3147 FA7F 54C7?
  
  FA7F 54C7
- What method is used to distribute public keys at a global level?
  
  Key servers.
Put the following steps in the right order concerning private key revocation:
- Make the revoked key available to your correspondents
- Create a revocation certificate
- Import the revocation certificate to your keyring
  
  The correct order is:
  
  Step 1:
  
  Create a revocation certificate
  
  Step 2:
  
  Import the revocation certificate to your keyring
  
  Step 3:
  
  Make the revoked key available to your correspondents
Regarding file encryption, what does the --armor option imply in the command gpg --output encrypted-message --recipient carol --armor --encrypt unencrypted-message?

It produces ASCII armored output, which allows you to copy the resulting existing encrypted file into an email.

Answers to Explorational Exercises

Most gpg options have both a long and a short version. Complete the table with the corresponding short version:

Long version Short version

--armor

-a

--output

-o

--recipient

-r

--decrypt

-d

--encrypt

-e

--sign

-s
Answer the following questions concerning key export:
- What command would you use to export all of your public keys to a file called all.key?
  
  gpg --export --output all.key or gpg --export -o all.key
- What command would you use to export all of your private keys to a file called all_private.key?
  
  gpg --export-secret-keys --output all_private.key or gpg --export-secret-keys -o all_private.key (--export-secret-keys can be replaced by --export-secret-subkeys with a slightly different outcome — check man pgp for more information).
What gpg option allows for carrying out most key management related tasks by presenting you with a menu?

--edit-key
What gpg option allows you to make a cleartext signature?

--clearsign