110.3 Lesson 2
Certificate: |
LPIC-1 |
---|---|
Version: |
5.0 |
Topic: |
110 Security |
Objective: |
110.3 Securing data with encryption |
Lesson: |
2 of 2 |
Introduction
In the previous lesson we learned how to use OpenSSH to encrypt remote login sessions as well as any other subsequent exchange of information. There may be other scenarios where you may want to encrypt files or email so that they reach their recipient safely and free from prying eyes. You may also need to digitally sign those files or messages to prevent them from being tampered with.
A great tool for these types of uses is the GNU Privacy Guard (aka GnuPG or simply GPG), which is a free and open source implementation of the proprietary Pretty Good Privacy (PGP). GPG uses the OpenPGP standard as defined by the OpenPGP Working Group of the Internet Engineering Task Force (IETF) in RFC 4880. In this lesson we will be reviewing the basics of the GNU Privacy Guard.
Perform Basic GnuPG Configuration, Usage and Revocation
Just as with SSH, the underlying mechanism to GPG is that of asymmetric cryptography or public-key cryptography. A user generates a key pair which is made up of a private key and a public key. The keys are mathematically related in such a way that what is encrypted by one can only be decrypted by the other. For communication to take place successfully, the user has to send their public key to the intended recipient.
GnuPG Configuration and Usage
The command to work with GPG is gpg
. You can pass it a number of options to carry out different tasks. Let us start by generating a key pair as user carol
. For that, you will use the gpg --gen-key
command:
carol@debian:~$ gpg --gen-key gpg (GnuPG) 2.2.12; Copyright (C) 2018 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. gpg: directory '/home/carol/.gnupg' created gpg: keybox '/home/carol/.gnupg/pubring.kbx' created Note: Use "gpg --full-generate-key" for a full featured key generation dialog. GnuPG needs to construct a user ID to identify your key. Real name: (...)
After informing you — amongst other things — that the configuration directory ~/.gnupg
and your public keyring ~/.gnugpg/pubring.kbx
have been created, gpg
goes on to ask you to provide your real name and email address:
(...) Real name: carol Email address: carol@debian You selected this USER-ID: "carol <carol@debian>" Change (N)ame, (E)mail, or (O)kay/(Q)uit?
If you are OK with the resulting USER-ID
and press O, you will be then asked for a passphrase (it is recommended that it has enough complexity):
┌──────────────────────────────────────────────────────┐ │ Please enter the passphrase to │ │ protect your new key │ │ │ │ Passphrase: │ (...)
Some final messages will be displayed telling you about the creation of other files as well as the keys themselves and then you are done with the key generation process:
(...) We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: /home/carol/.gnupg/trustdb.gpg: trustdb created gpg: key 19BBEFD16813034E marked as ultimately trusted gpg: directory '/home/carol/.gnupg/openpgp-revocs.d' created gpg: revocation certificate stored as '/home/carol/.gnupg/openpgp-revocs.d/D18FA0021F644CDAF57FD0F919BBEFD16813034E.rev' public and secret key created and signed. pub rsa3072 2020-07-03 [SC] [expires: 2022-07-03] D18FA0021F644CDAF57FD0F919BBEFD16813034E uid carol <carol@debian> sub rsa3072 2020-07-03 [E] [expires: 2022-07-03]
You can now see what is inside the ~/.gnupg
directory (GPG’s configuration directory):
carol@debian:~/.gnupg$ ls -l total 16 drwx------ 2 carol carol 4096 Jul 3 23:34 openpgp-revocs.d drwx------ 2 carol carol 4096 Jul 3 23:34 private-keys-v1.d -rw-r--r-- 1 carol carol 1962 Jul 3 23:34 pubring.kbx -rw------- 1 carol carol 1240 Jul 3 23:34 trustdb.gpg
Let us explain the use of each file:
opengp-revocs.d
-
The revocation certificate that was created along with the key pair is kept here. The permissions on this directory are quite restrictive as anyone who has access to the certificate could revoke the key (more on key revocation in the next subsection).
private-keys-v1.d
-
This is the directory that keeps your private keys, therefore permissions are restrictive.
pubring.kbx
-
This is your public keyring. It stores your own as well as any other imported public keys.
trustdb.gpg
-
The trust database. This has to do with the concept of Web of Trust (which is outside the scope of this lesson).
Note
|
The arrival of GnuPG 2.1 brought along some significant changes, such as the disappearance of the |
Once your key pair has been created, you can view your public keys with gpg --list-keys
— which will display the contents of your public keyring:
carol@debian:~/.gnupg$ gpg --list-keys /home/carol/.gnupg/pubring.kbx ------------------------------ pub rsa3072 2020-07-03 [SC] [expires: 2022-07-03] D18FA0021F644CDAF57FD0F919BBEFD16813034E uid [ultimate] carol <carol@debian> sub rsa3072 2020-07-03 [E] [expires: 2022-07-03]
The hexadecimal string D18FA0021F644CDAF57FD0F919BBEFD16813034E
is your public key fingerprint.
Note
|
Apart from the |
Key Distribution and Revocation
Now that you have your public key, you should save it (i.e. export it) to a file so that you can make it available to your future recipients. They will then be able to use it to encrypt files or messages intended for you (since you are the only one in posssession of the private key, you will also be the only one able to decrypt and read them). Likewise, your recipients will also use it to decrypt and verify your encrypted or signed messages/files. The command to use is gpg --export
followed by the USER-ID
and a redirection to the output file name of your choice:
carol@debian:~/.gnupg$ gpg --export carol > carol.pub.key carol@debian:~/.gnupg$ ls carol.pub.key openpgp-revocs.d private-keys-v1.d pubring.kbx trustdb.gpg
Note
|
Passing the |
As already noted, you must now send your public key file (carol.pub.key
) to the recipient with whom you want to exchange information. For instance, let us send the public key file to ina
on remote server halof
using scp
(secure copy):
carol@debian:~/.gnupg$ scp carol.pub.key ina@halof:/home/ina/ Enter passphrase for key '/home/carol/.ssh/id_ecdsa': carol.pub.key 100% 1740 775.8KB/s 00:00 carol@debian:~/.gnupg$
ina
is now in the possession of carol.pub.key
. She will use it to encrypt a file and send it to carol
in the next section.
Note
|
Another means of public key distribution is through the use of key servers: you upload your public key to the server with the command |
Let us close this section by discussing key revocation. Key revocation should be used when your private keys have been compromised or retired. The first step is to create a revocation certificate by passing gpg
the option --gen-revoke
followed by the USER-ID
. You can precede --gen-revoke
with the --output
option followed by a destination file name specification to save the resulting certificate into a file (instead of having it printed on the terminal screen). The output messages throughout the revocation process are quite self-explanatory:
sonya@debian:~/.gnupg$ gpg --output revocation_file.asc --gen-revoke sonya sec rsa3072/0989EB7E7F9F2066 2020-07-03 sonya <sonya@debian> Create a revocation certificate for this key? (y/N) y Please select the reason for the revocation: 0 = No reason specified 1 = Key has been compromised 2 = Key is superseded 3 = Key is no longer used Q = Cancel (Probably you want to select 1 here) Your decision? 1 Enter an optional description; end it with an empty line: > My laptop was stolen. > Reason for revocation: Key has been compromised My laptop was stolen. Is this okay? (y/N) y ASCII armored output forced. Revocation certificate created. Please move it to a medium which you can hide away; if Mallory gets access to this certificate he can use it to make your key unusable. It is smart to print this certificate and store it away, just in case your media become unreadable. But have some caution: The print system of your machine might store the data and make it available to others!
The revocation certificate has been saved to the file revocation_file.asc
(asc
for ASCII format):
sonya@debian:~/.gnupg$ ls openpgp-revocs.d private-keys-v1.d pubring.kbx revocation_file.asc trustdb.gpg sonya@debian:~/.gnupg$ cat revocation_file.asc -----BEGIN PGP PUBLIC KEY BLOCK----- Comment: This is a revocation certificate iQHDBCABCgAtFiEEiIVjfDnnpieFi0wvnlcN6yLCeHEFAl8ASx4PHQJzdG9sZW4g bGFwdG9wAAoJEJ5XDesiwnhxT9YMAKkjQiMpo9Uyiy9hyvukPPSrLcmtAGLk4pKS pLZfzA5kxa+HPQwBglAEvfNRR6VMxqXUgUGYC/IAyQQM62oNAcY2PCPrxyJNgVF7 8l4mMZKvW++5ikjZwyg6WWV0+w6oroeo9qruJFjcu752p4T+9gsHVa2r+KRqcPQe aZ65sAvsBJlcsUDZqfWUXg2kQp9mNPCdQuqvDaKRgNCHA1zbzNFzXWVd2X5RgFo5 nY+tUP8ZQA9DTQPBLPcggICmfLopMPZYB2bft5geb2mMi2oNpf9CNPdQkdccimNV aRjqdUP9C89PwTafBQkQiONlsR/dWTFcqprG5KOWQPA7xjeMV8wretdEgsyTxqHp v1iRzwjshiJCKBXXvz7wSmQrJ4OfiMDHeS4ipR0AYdO8QCzmOzmcFQKikGSHGMy1 z/YRlttd6NZIKjf1TD0nTrFnRvPdsZOlKYSArbfqNrHRBQkgirOD4JPI1tYKTffq iOeZFx25K+fj2+0AJjvrbe4HDo5m+Q== =umI8 -----END PGP PUBLIC KEY BLOCK-----
To effectively revoke your private key, you now need to merge the certificate with the key, which is done by importing the revocation certificate file to your keyring:
sonya@debian:~/.gnupg$ gpg --import revocation_file.asc gpg: key 9E570DEB22C27871: "sonya <sonya@debian>" revocation certificate imported gpg: Total number processed: 1 gpg: new key revocations: 1 gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: next trustdb check due at 2022-07-04
List your keys now and you will be informed about your revoked key:
sonya@debian:~/.gnupg$ gpg --list-keys /home/sonya/.gnupg/pubring.kbx pub rsa3072 2020-07-04 [SC] [revoked: 2020-07-04] 8885637C39E7A627858B4C2F9E570DEB22C27871 uid [ revoked] sonya <sonya@debian>
Last — but not least — make sure you make the revoked key available to any party that has public keys associated with it (including keyservers).
Use GPG to Encrypt, Decrypt, Sign and Verify Files
In the previous section, carol
sent her public key to ina
. We will use it now to discuss how GPG can encrypt, decrypt, sign and verify files.
Encrypting and Decrypting Files
First, ina
must import carol
's public key (carol.pub.key
) into her keyring so that she can start working with it:
ina@halof:~> gpg --import carol.pub.key gpg: /home/ina/.gnupg/trustdb.gpg: trustdb created gpg: key 19BBEFD16813034E: public key "carol <carol@debian>" imported gpg: Total number processed: 1 gpg: imported: 1 ina@halof:~> gpg --list-keys /home/ina/.gnupg/pubring.kbx ---------------------------- pub rsa3072 2020-07-03 [SC] [expires: 2022-07-03] D18FA0021F644CDAF57FD0F919BBEFD16813034E uid [ unknown] carol <carol@debian> sub rsa3072 2020-07-03 [E] [expires: 2022-07-03]
Next you will create a file by writing some text into it and then encrypt it using gpg
(because you did not sign carol
's key, you will be explicitly asked if you want to use that key):
ina@halof:~> echo "This is the message ..." > unencrypted-message ina@halof:~> gpg --output encrypted-message --recipient carol --armor --encrypt unencrypted-message gpg: 0227347CC92A5CB1: There is no assurance this key belongs to the named user sub rsa3072/0227347CC92A5CB1 2020-07-03 carol <carol@debian> Primary key fingerprint: D18F A002 1F64 4CDA F57F D0F9 19BB EFD1 6813 034E Subkey fingerprint: 9D89 1BF9 39A4 C130 E44B 1135 0227 347C C92A 5CB1 It is NOT certain that the key belongs to the person named in the user ID. If you really know what you are doing, you may answer the next question with yes. Use this key anyway? (y/N) y
Let us break down the gpg
command:
--output encrypted-message
-
Filename specification for the encrypted version of the original file (
encrypted-message
in the example). --recipient carol
-
Recipient’s
USER-ID
specification (carol
in our example). If not provided, GnuPG will ask for it (unless--default-recipient
is specified). --armor
-
This option produces ASCII armored output, which can be copied into an email.
--encrypt unencrypted-message
-
Filename specification of the original file to encrypt.
You can now send the encrypted-message
to carol
on debian
using scp
:
ina@halof:~> scp encrypted-message carol@debian:/home/carol/ carol@debian's password: encrypted-message 100% 736 1.8MB/s 00:00
If you log in as carol
now and try to read the encrypted-message
, you will confirm that it is actually encrypted and — therefore — unreadable:
carol@debian:~$ cat encrypted-message -----BEGIN PGP MESSAGE----- hQGMAwInNHzJKlyxAQv/brJ8Ubs/xya35sbv6kdRKm1C7ONLxL3OueWA4mCs0Y/P GBna6ZEUCrMEgl/rCyByj3Yq74kuiTmzxAIRUDdvHfj0TtrOWjVAqIn/fPSfMkjk dTxKo1i55tLJ+sj17dGMZDcNBinBTP4U1atuN71A5w7vH+XpcesRcFQLKiSOmYTt F7SN3/5x5J6io4ISn+b0KbJgiJNNx+Ne/ub4Uzk4NlK7tmBklyC1VRualtxcG7R9 1klBPYSld6fTdDwT1Y4MofpyILAiGMZvUR1RXauEKf7OIzwC5gWU+UQPSgeCdKQu X7QL0ZIBS0Ug2XKrO1k93lmDjf8PWsRIml6n/hNelaOBA3HMP0b6Ozv1gFeEsFvC IxhUYPb+rfuNFTMEB7xIO94AAmWB9N4qknMxdDqNE8WhA728Plw6y8L2ngsplY15 MR4lIFDpljA/CcVh4BXVe9j0TdFWDUkrFMfaIfcPQwKLXEYJp19XYIaaEazkOs5D W4pENN0YOcX0KWyAYX6r0l8BF0rq/HMenQwqAVXMG3s8ATuUOeqjBbR1x1qCvRQP CR/3V73aQwc2j5ioQmhWYpqxiro0yKX2Ar/E6rZyJtJYrq+CUk8O3JoBaudknNFj pwuRwF1amwnSZ/MZ/9kMKQ== =g1jw -----END PGP MESSAGE-----
However, as you are in possession of the private key, you can easily decrypt the message by passing gpg
the --decrypt
option followed by the path to the encrypted file (the private key’s passphrase will be required):
carol@debian:~$ gpg --decrypt encrypted-message gpg: encrypted with 3072-bit RSA key, ID 0227347CC92A5CB1, created 2020-07-03 "carol <carol@debian>" This is the message ...
You can also specify the --output
option to save the message into a new unencrypted file:
carol@debian:~$ gpg --output unencrypted-message --decrypt encrypted-message gpg: encrypted with 3072-bit RSA key, ID 0227347CC92A5CB1, created 2020-07-03 "carol <carol@debian>" carol@debian:~$ cat unencrypted-message This is the message ...
Signing and Verifying Files
Apart from encrypting, GPG can also be used to sign files. The --sign
option is relevant here. Let us start by creating a new message (message
) and signing it with the --sign
option (your private key’s passphrase will be required):
carol@debian:~$ echo "This is the message to sign ..." > message carol@debian:~$ gpg --output message.sig --sign message (...)
Breakdown of the gpg
command:
--output message
-
Filename specification of the signed version of the original file (
message.sig
in our example). --sign message
-
Path to original file.
Note
|
Using |
Next we will transfer the file to ina
on halof
using scp message.sig ina@halof:/home/ina
. Back as ina
on halof
, you can now verify it by using the --verify
option:
ina@halof:~> gpg --verify message.sig gpg: Signature made Sat 04 jul 2020 14:34:41 CEST gpg: using RSA key D18FA0021F644CDAF57FD0F919BBEFD16813034E gpg: Good signature from "carol <carol@debian>" [unknown] (...)
If you also want to read the file, you have to decrypt it to a new file (message
in our case) using the --output
option:
ina@halof:~> gpg --output message --decrypt message.sig gpg: Signature made Sat 04 jul 2020 14:34:41 CEST gpg: using RSA key D18FA0021F644CDAF57FD0F919BBEFD16813034E gpg: Good signature from "carol <carol@debian>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: D18F A002 1F64 4CDA F57F D0F9 19BB EFD1 6813 034E ina@halof:~> cat message This is the message to sign ...
GPG-Agent
We will round this lesson off by briefly touching upon gpg-agent
. gpg-agent
is the daemon that manages private keys for GPG (it is started on demand by gpg
). To view a summary of the most useful options, run gpg-agent --help
or gpg-agent -h
:
carol@debian:~$ gpg-agent --help gpg-agent (GnuPG) 2.2.4 libgcrypt 1.8.1 Copyright (C) 2017 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Syntax: gpg-agent [options] [command [args]] Secret key management for GnuPG Options: --daemon run in daemon mode (background) --server run in server mode (foreground) --supervised run in supervised mode -v, --verbose verbose -q, --quiet be somewhat more quiet -s, --sh sh-style command output -c, --csh csh-style command output (...)
Note
|
For more information, consult the |
Guided Exercises
-
Complete the table by providing the correct filename:
Description Filename Trust database
Directory for revocation certificates
Directory for private keys
Public keyring
-
Answer the following questions:
-
What type of cryptography is used by GnuPG?
-
What are the two main components of public key cryptography?
-
What is the
KEY-ID
of the public key fingerprint07A6 5898 2D3A F3DD 43E3 DA95 1F3F 3147 FA7F 54C7
? -
What method is used to distribute public keys at a global level?
-
-
Put the following steps in the right order concerning private key revocation:
-
Make the revoked key available to your correspondents.
-
Create a revocation certificate.
-
Import the revocation certificate to your keyring.
The correct order is:
Step 1:
Step 2:
Step 3:
-
-
Regarding file encryption, what does the
--armor
option imply in the commandgpg --output encrypted-message --recipient carol --armor --encrypt unencrypted-message
?
Explorational Exercises
-
Most
gpg
options have both a long and a short version. Complete the table with the corresponding short version:Long version Short version --armor
--output
--recipient
--decrypt
--encrypt
--sign
-
Answer the following questions concerning key export:
-
What command would you use to export all of your public keys to a file called
all.key
? -
What command would you use to export all of your private keys to a file called
all_private.key
?
-
-
What
gpg
option allows for carrying out most key management related tasks by presenting you with a menu? -
What
gpg
option allows you to make a cleartext signature?
Summary
This lesson has covered the GNU Privacy Guard, an excellent choice to encrypt/decrypt and digitally sign/verify files. You learned:
-
how to generate a pair of keys.
-
how to list the keys in your keyring.
-
the contents of the
~/.gnupg
directory. -
what
USER-ID
andKEY-ID
are. -
how to distribute public keys to your correspondents.
-
how to globally distribute public keys through keyservers.
-
how to revoke private keys.
-
how to encrypt and decrypt files.
-
how to sign and verify files.
-
the basics of the GPG-Agent.
The following commands were discussed in this lesson:
gpg
-
OpenPGP encryption and signing tool.
Answers to Guided Exercises
-
Complete the table by providing the correct file name:
Description Filename Trust database
trustdb.gpg
Directory for revocation certificates
opengp-revocs.d
Directory for private keys
private-keys-v1.d
Public keyring
pubring.kbx
-
Answer the following questions:
-
What type of cryptography is used by GnuPG?
Public key cryptography or asymmetric cryptography.
-
What are the two main components of public key cryptography?
The public and the private keys.
-
What is the
KEY-ID
of the public key fingerprint07A6 5898 2D3A F3DD 43E3 DA95 1F3F 3147 FA7F 54C7
?FA7F 54C7
-
What method is used to distribute public keys at a global level?
Key servers.
-
-
Put the following steps in the right order concerning private key revocation:
-
Make the revoked key available to your correspondents
-
Create a revocation certificate
-
Import the revocation certificate to your keyring
The correct order is:
Step 1:
Create a revocation certificate
Step 2:
Import the revocation certificate to your keyring
Step 3:
Make the revoked key available to your correspondents
-
-
Regarding file encryption, what does the
--armor
option imply in the commandgpg --output encrypted-message --recipient carol --armor --encrypt unencrypted-message
?It produces ASCII armored output, which allows you to copy the resulting existing encrypted file into an email.
Answers to Explorational Exercises
-
Most
gpg
options have both a long and a short version. Complete the table with the corresponding short version:Long version Short version --armor
-a
--output
-o
--recipient
-r
--decrypt
-d
--encrypt
-e
--sign
-s
-
Answer the following questions concerning key export:
-
What command would you use to export all of your public keys to a file called
all.key
?gpg --export --output all.key
orgpg --export -o all.key
-
What command would you use to export all of your private keys to a file called
all_private.key
?gpg --export-secret-keys --output all_private.key
orgpg --export-secret-keys -o all_private.key
(--export-secret-keys
can be replaced by--export-secret-subkeys
with a slightly different outcome — checkman pgp
for more information).
-
-
What
gpg
option allows for carrying out most key management related tasks by presenting you with a menu?--edit-key
-
What
gpg
option allows you to make a cleartext signature?--clearsign