informatica:linux:claves_gpg
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
informatica:linux:claves_gpg [2013/03/16 12:56] – javi | informatica:linux:claves_gpg [2023/11/30 14:04] (current) – jose | ||
---|---|---|---|
Line 5: | Line 5: | ||
Para operar con las claves, instalar gunpg: | Para operar con las claves, instalar gunpg: | ||
- | aptitude install gnupg | + | |
Line 216: | Line 216: | ||
+ | ==== Revocar Clave del Servidor ==== | ||
+ | Si una clave vamos a dejar de usarla, hay que revocarla. | ||
+ | Para revocarla, tenemos que crear un certificado de revocación y luego subirlo al servidor. Para crear el certificado de revocación, | ||
+ | |||
+ | Vamos a revocar la antigua clave de 1024DSA porque hemos generado una nueva de 4096RSA | ||
+ | |||
+ | < | ||
+ | # gpg --list-keys | ||
+ | |||
+ | ----------------------------- | ||
+ | pub | ||
+ | uid Jose Legido < | ||
+ | sub | ||
+ | |||
+ | pub | ||
+ | uid Jose Legido < | ||
+ | sub | ||
+ | |||
+ | </ | ||
+ | < | ||
+ | # gpg --output revoke1024.asc --gen-revoke 5A988F96 | ||
+ | |||
+ | sec 1024D/ | ||
+ | Create a revocation certificate for this key? (y/N) y | ||
+ | Please select the reason for the revocation: | ||
+ | 0 = No reason specified | ||
+ | 1 = Key has been compromised | ||
+ | 2 = Key is superseded | ||
+ | 3 = Key is no longer used | ||
+ | Q = Cancel | ||
+ | (Probably you want to select 1 here) | ||
+ | Your decision? 3 | ||
+ | Enter an optional description; | ||
+ | > New Key F4AD9A55 | ||
+ | > | ||
+ | Reason for revocation: Key is no longer used | ||
+ | New Key F4AD9A55 | ||
+ | Is this okay? (y/N) y | ||
+ | |||
+ | You need a passphrase to unlock the secret key for | ||
+ | user: "Jose Legido < | ||
+ | 1024-bit DSA key, ID 5A988F96, created 2008-03-20 | ||
+ | |||
+ | ASCII armored output forced. | ||
+ | Revocation certificate created. | ||
+ | |||
+ | Please move it to a medium which you can hide away; if Mallory gets | ||
+ | access to this certificate he can use it to make your key unusable. | ||
+ | It is smart to print this certificate and store it away, just in case | ||
+ | your media become unreadable. | ||
+ | your machine might store the data and make it available to others! | ||
+ | </ | ||
+ | |||
+ | Ahora subimos el certificado de revocación para revocar la clave: | ||
+ | < | ||
+ | # gpg --import revoke1024.asc | ||
+ | gpg: key 5A988F96: "Jose Legido < | ||
+ | gpg: Total number processed: 1 | ||
+ | gpg: new key revocations: | ||
+ | gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model | ||
+ | gpg: depth: 0 valid: | ||
+ | </ | ||
+ | |||
+ | Al cabo de un rato, la clave aparece como revocada: | ||
+ | < | ||
+ | # gpg --search-keys jose@legido.com | ||
+ | gpg: searching for " | ||
+ | (1) Jose Legido < | ||
+ | 4096 bit RSA key F4AD9A55, created: 2014-09-15 | ||
+ | (2) Jose Legido < | ||
+ | 1024 bit DSA key 5A988F96, created: 2008-03-20 (revoked) | ||
+ | |||
+ | </ | ||
==== Descargar claves a servidor de claves ==== | ==== Descargar claves a servidor de claves ==== | ||
Line 267: | Line 340: | ||
gpg: keyserver search failed: keyserver error | gpg: keyserver search failed: keyserver error | ||
- | Indicando otro servidor funciona, pero a veces también falla: | + | Indicando otro servidor funciona, pero a veces también falla. |
- | # gpg | + | Servidores: |
+ | keyserver.ubuntu.com | ||
+ | subkeys.pgp.net | ||
+ | pgp.mit.edu | ||
+ | |||
+ | # gpg | ||
gpg: searching for " | gpg: searching for " | ||
| | ||
Line 403: | Line 481: | ||
Teclear ' | Teclear ' | ||
+ | |||
Line 427: | Line 506: | ||
# gpg --output desencriptado.txt --decrypt encriptado.txt | # gpg --output desencriptado.txt --decrypt encriptado.txt | ||
+ | ==== Encriptar Fichero ==== | ||
+ | |||
+ | 1. Listar las claves instaladas para tenerlas a mano | ||
+ | |||
+ | gpg --list-keys | ||
+ | |||
+ | 2. Encriptar el archivo: | ||
+ | |||
+ | gpg --encrypt archivo.txt | ||
+ | |||
+ | 3. Introducir el identificador de la clave y pulsar ' | ||
+ | |||
+ | 4. Teclear ' | ||
+ | Se habra generado el archivo ' | ||
+ | 1 | ||
==== Programas adicionales ==== | ==== Programas adicionales ==== |
informatica/linux/claves_gpg.txt · Last modified: 2023/11/30 14:04 by jose