Here is another post that I found interesting and I copy on our blog.
http://spin.atomicobject.com/2013/11/24/secure-gpg-keys-guide/
Generating the Primary Key
Expert Mode
Invoke
gpg --gen-key with the
--expert flag to expose some additional menu items.
1
2
3
4
5
6
7
8
9
10
11
12
13
| $ gpg --expert --gen-key
gpg (GnuPG) 1.4.12; Copyright (C) 2012 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
(7) DSA (set your own capabilities)
(8) RSA (set your own capabilities)
Your selection? 8
|
Capabilities
Choose
(8) RSA (set your own capabilities). Then set the capabilities of the key to only
Certify by toggling
Signing and
Encryption off.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
| Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Sign Certify Encrypt
(S) Toggle the sign capability
(E) Toggle the encrypt capability
(A) Toggle the authenticate capability
(Q) Finished
Your selection? s
Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Certify Encrypt
(S) Toggle the sign capability
(E) Toggle the encrypt capability
(A) Toggle the authenticate capability
(Q) Finished
Your selection? e
Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Certify
(S) Toggle the sign capability
(E) Toggle the encrypt capability
(A) Toggle the authenticate capability
(Q) Finished
Your selection? q
|
We’ll be using separate, short-lived subkeys for these purposes, but
there are rare cases where you may be required to use this primary key
for signing instead of a subkey certified by it (for example, if you
need to prove ownership of this key to a party that doesn’t recognize
subkeys).
As long as you have the private key material, it’s theoretically
feasible to use keys for any purpose. But in practice, it simplifies
things greatly if you have the capabilities you intend to use attached
to the metadata for the keys when you generate them.
Feel free to leave
the
Signing capability enabled if you’re worried about being hampered by this in the future.
Key-length
While the guide uses a 2048-bit key, we’ll use a 4096-bit key. Unless
a larger key size isn’t well-suited for your needs (e.g. not being
supported by software you need to use it with), it makes sense to use
the largest key size available to ensure the key will be difficult to
crack long into the future.
And after all, a 4096-bit key is what
Bruce Schneier is using these days.
1
2
3
| RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
|
Expiration
Though the intent is to maintain this primary key more or less
permanently — or at least until 4096-bit RSA is no longer thought to be
secure — setting an expiration date on this key (for far into the
future) may still be prudent, in the case (by that time) we have lost
both the secret key and any copies we had of its revocation certificate.
When you have the private key, you can always push an expiration date
back, so let’s set this key to expire in 3 years. If we’re still using
it when that date approaches, we can set a new expiration date and
distribute the updated public key.
1
2
3
4
5
6
7
8
9
| Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 3y
Key expires at Thu 03 Nov 2016 08:18:42 PM UTC
Is this correct? (y/N)y
|
uid
Next add a uid (name and e-mail).
1
2
3
4
5
6
7
8
9
10
11
| You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: John Doe
Email address: john.doe@example.com
Comment:
You selected this USER-ID:
"John Doe <john.doe@example.com>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
|
You can add additional uids later, if you wish.
Passphrase
1
2
3
| You need a Passphrase to protect your secret key.
Enter passphrase:
|
Make sure to use a very strong passphrase here. Something long and
hard to guess. If an attacker ever gets a copy of your secret key, this
pass phrase should keep them from using it, or at least make it much
more difficult.
Key Generation
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
| We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
..........+++++
.+++++
gpg: key 144A027B marked as ultimately trusted
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2016-11-03
pub 4096R/144A027B 2013-11-04 [expires: 2016-11-03]
Key fingerprint = 6E95 9C3A 35E7 6783 2BF4 BA32 21BB 9DA3 144A 027B
uid John Doe <john.doe@example.com>
|
It’s important to have a lot of entropy available to this process,
otherwise the keys produced may be more easily predicted.
Adding Subkeys
At this point, we have an OpenPGP key with only a 4096-bit RSA primary key for Certifying other keys.
1
2
3
4
5
6
7
8
9
10
11
| $ gpg -k
/home/amnesia/.gnupg/pubring.gpg
--------------------------------
pub 4096R/144A027B 2013-11-04 [expires: 2016-11-03]
uid John Doe <john.doe@example.com>
$ gpg -K
/home/amnesia/.gnupg/secring.gpg
--------------------------------
sec 4096R/144A027B 2013-11-04 [expires: 2016-11-03]
uid John Doe <john.doe@example.com>
|
Now we can add the subkeys we’ll use for Signing, Encryption, and Authentication.
edit-key
Using
--expert with
gpg is like holding
down alt/option on a Mac — it’s a good way to get at additional
functionality that’s hidden from the default menus.
--edit-key should bring us to a prompt like this:
1
2
3
4
5
6
7
8
9
10
11
12
| $ gpg --expert --edit-key john.doe@example.com
gpg (GnuPG) 1.4.12; Copyright (C) 2012 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Secret key is available.
pub 4096R/144A027B created: 2013-11-04 expires: 2016-11-03 usage: C
trust: ultimate validity: ultimate
[ultimate] (1). John Doe <john.doe@example.com>
gpg>
Note you could also use the key id to edit it
gpg --expert --edit-key 144A027B
|
addkey
At this prompt, we’ll use
addkey to add our subkeys.
When we’re done, we should be left with a 4096-bit RSA primary key with
the ‘certify’ capability and a three-year expiration and three 3072-bit
RSA subkeys that expire six months from now with ‘sign’, ‘encrypt’, and
‘authenticate’ capabilities set accordingly.
We’ll invoke
addkey for each of the subkeys we want to add.
1
2
3
4
5
6
7
8
| gpg> addkey
Key is protected.
You need a passphrase to unlock the secret key for
user: "John Doe <john.doe@example.com>"
4096-bit RSA key, ID 144A027B, created 2013-11-04
Enter passphrase:
|
As we did with the primary key, we’ll toggle the capabilities of each
key we add such that we’re left with only the one capability we want
for that key.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
| Please select what kind of key you want:
(3) DSA (sign only)
(4) RSA (sign only)
(5) Elgamal (encrypt only)
(6) RSA (encrypt only)
(7) DSA (set your own capabilities)
(8) RSA (set your own capabilities)
Your selection? 8
Possible actions for a RSA key: Sign Encrypt Authenticate
Current allowed actions: Sign Encrypt
(S) Toggle the sign capability
(E) Toggle the encrypt capability
(A) Toggle the authenticate capability
(Q) Finished
Your selection? e
Possible actions for a RSA key: Sign Encrypt Authenticate
Current allowed actions: Sign
(S) Toggle the sign capability
(E) Toggle the encrypt capability
(A) Toggle the authenticate capability
(Q) Finished
Your selection? q
|
1
2
| RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 3072
|
For reasons discussed in my
Secure GPG Keys post, we’ll set these subkeys to expire relatively soon:
1
2
3
4
5
6
7
8
9
| Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 6m
Key expires at Sat 03 May 2014 08:24:29 PM UTC
Is this correct? (y/N)y
|
After specifying the key type, capabilities, bit length, and expiration, we’ll generate the actual subkey:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
| Really create? (y/N) y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 268 more bytes)
+++++
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 8 more bytes)
+++++
pub 4096R/144A027B created: 2013-11-04 expires: 2016-11-03 usage: C
trust: ultimate validity: ultimate
sub 3072R/E02EDE61 created: 2013-11-04 expires: 2014-05-03 usage: S
[ultimate] (1). John Doe <john.doe@example.com>
gpg>
|
(Repeat this
addkey process for the Encryption and Authentication subkeys)
While we’re still editing the complete key, we could also add
addional uids, e.g. work e-mail address or other organizational
addresses we might be known by. Typing
adduid at the prompt will allow you to add additional uids.
We could even add a small (~120x144px, ~4KB JPEG) photo with
addphoto if we wanted, but that’s probably not worth the effort of creating and bringing into our “air-gapped” environment right now.
When we’re finished, we’ll
save the key to our keyring.
1
2
3
4
5
6
7
8
9
| pub 4096R/144A027B created: 2013-11-04 expires: 2016-11-03 usage: C
trust: ultimate validity: ultimate
sub 3072R/E02EDE61 created: 2013-11-04 expires: 2014-05-03 usage: S
sub 3072R/A59563DA created: 2013-11-04 expires: 2014-05-03 usage: E
sub 3072R/B2E31884 created: 2013-11-04 expires: 2014-05-03 usage: A
[ultimate] (1). John Doe <john.doe@example.com>
gpg> save
$
|
No comments:
Post a Comment