HowTo: GPG

Posted: March 7, 2009

If you wish to sign your e-mails with a security key (and be able to read key-guarded messages), then you may utilize the GNU Privacy Guard (GPG).

Creating a Key

First, log in to the CS network with a Linux terminal.

jdoe@london ~ $ gpg --gen-key

The program will ask you a few simple questions: what your name is, what you want your comment to be, if anything, and what your e-mail address is (use your cs.uri.edu address). After this, you will need to enter your passphrase. Your passphrase is akin to a password. It should be treated like a password, as well (so nothing easily guessable please).

Once you hit enter, it’ll start generating the key. You may take this time to do something random on the computer, like playing a game, working on homework, or just banging on the keyboard typing a bunch of random letters and symbols. Doing so increases entropy and causes a more random result.

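The next command adds pgp.mit.edu to your GPG configuration as the keyserver, which lets you search the central database of PGP keys. It appends to gpg.conf, so any options already in that file are kept.

echo "keyserver hkp://pgp.mit.edu" >> ~/.gnupg/gpg.conf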

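You should send your key to this server. The --send-keys command expects a key ID rather than an e-mail address; gpg prints your key ID when key generation finishes.

gpg --send-keys your_keyid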

Retrieving Other Keys

You should also do the following to be able to verify messages sent from sysstaff:

gpg --recv-key 547EE720

To look for other people who have uploaded their keys, use:

gpg --search-keys @cs.uri.edu

Note that you can also use that command to pick keys to receive. Having other people's keys means you can (a) verify messages they sign and (b) send encrypted messages to them.
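A check for a key fetched by its eight-character ID, as with 547EE720 above (an added example, not part of the original post): the short ID is only the tail of the key's 40-digit fingerprint, so compare the full fingerprint with one obtained from the key's owner through another channel. The function names, the EXPECTED placeholder and the sample listings are made up for this example; the listing format is GnuPG's --with-colons output.

```sh
#!/bin/sh
# Added example, not from the original page. Sample data below is constructed.

# Print the fingerprint of each primary key found in `gpg --with-colons
# --fingerprint` output on stdin. A "pub" record starts a key and the next
# "fpr" record carries its fingerprint in field 10; "fpr" records that follow
# a "sub" record belong to subkeys and are skipped.
primary_fingerprints() {
  awk -F: '
    $1 == "pub" { want = 1; next }
    $1 == "sub" { want = 0; next }
    $1 == "fpr" && want { print toupper($10); want = 0 }
  '
}

# Strip whitespace and upper-case, so "0123 4567 ..." compares equal.
normalize_fpr() { printf '%s' "$1" | tr -d ' \t\n' | tr 'a-f' 'A-F'; }

# check_key EXPECTED_FINGERPRINT, colon listing on stdin.
# Returns 0 on a match, 1 on a mismatch, 2 if the listing does not contain
# exactly one primary key (for example, two keys sharing a short ID).
check_key() {
  expected=$(normalize_fpr "$1")
  found=$(primary_fingerprints)
  count=$(printf '%s\n' "$found" | grep -c . || true)
  [ "$count" -eq 1 ] || { echo "listing has $count keys, expected 1" >&2; return 2; }
  [ "$found" = "$expected" ] || { echo "fingerprint mismatch: $found" >&2; return 1; }
  echo "fingerprint OK: $found"
}

# Constructed listing for one key whose short ID is 547EE720.
SAMPLE_ONE='pub:-:1024:17:89ABCDEF547EE720:1236384000:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF547EE720:
uid:-::::1236384000::::sysstaff (constructed sample):
sub:-:2048:16:0000111122223333:1236384000::::::e:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF0000111122223333:'

# Constructed listing where a second key ends in the same eight hex digits.
SAMPLE_COLLISION="$SAMPLE_ONE
pub:-:1024:17:76543210547EE720:1236384000:::-:::scESC:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210547EE720:"

# Real use (EXPECTED is the fingerprint the key owner gave you in person or in print):
#   gpg --with-colons --fingerprint 547EE720 | check_key "$EXPECTED"
```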

Exporting the Key

If you want to export your public key to a file, you would type:

gpg --export --armor --output .pgpkey your_userid_or_keyid

If you run this from your home directory, the resulting .pgpkey file will be available through the finger command. You could also mail this file to someone, and then they could import it into their keyring (see next section).

Importing Keys

To import a file into your keyring, use:

gpg --import file_name

Note that if you are using mutt on the shell servers with the provided configuration file, new keys on signed messages are automatically imported when you read the message.