mNo edit summary |
m (Robot: Changing Category:DocsProject) |
||
Line 57: | Line 57: | ||
* http://gnupg.org/ | * http://gnupg.org/ | ||
[[Category: | [[Category:Docs Project]] |
Revision as of 23:36, 14 July 2008
Cryptography
Cryptographic technology helps provide security and privacy by allowing you to encrypt and sign electronic communications. Fedora includes the OpenSSH and GnuPG tools for cryptographic communications. LUKS has also been integrated with Fedora to provide hard disk encryption.
The Theory
OpenSSH and GnuPG use a common cryptographic theory to allow encryption and cryptographic signatures based upon public and private keys. In this theory, each person or organization has one or more private keys, and each private key has a corresponding public key. The private key is required to decrypt data and create signatures. The public key can be shared freely and is used to encrypt data and verify signatures. More information about how and why this works can be found on the OpenSSH and GnuPG websites.
OpenSSH
OpenSSH is an SSH implementation included in Fedora. SSH (Secure SHell) allows encrypted and cryptographically authenticated connections between computers.
Installing OpenSSH
OpenSSH is usually included by default on Fedora installations. If you do not already have it installed, you can install the package using yum:
yum install openssh
Creating SSH Keys
Once SSH is installed, you can use ssh-keygen
to create your private and public keys:
ssh-keygen -t rsa
You will be prompted for a location (pressing Enter uses the default), and a passphrase. Choose a good passphrase that you won't forget.
For usage instructions for ssh-keygen
, run man ssh-keygen
to view the manual.
By default, your new private and public keys will be stored in ~/.ssh/id_rsa
and ~/.ssh/id_rsa.pub
, respectively.
You can share your public key openly. Server administrators can use it to grant you access to their systems. You should carefully protect your private key and not share it with anyone.
Additional information is available at:
GnuPG
The GNU Privacy Guard (GnuPG or GPG) is a generic cryptographic tool. GPG is often used to sign email messages, and the Fedora Project uses it to sign packages.
Installing GnuPG
GnuPG is included in Fedora. It can be installed using yum:
yum install gnupg
Creating GPG Keys
GPG key creation is more complex than SSH key creation, and many people prefer to use a graphical interface such as kgpg
on KDE or seahorse
on GNOME. kgpg
is available in the kdeutils
package. seahorse
is in the Fedora repository.
See CreatingKeys from the Fedora Documentation Project for detailed command line instructions.
Additional information is available at: