Creating GPG Keys
Using GUI Tools
To create a key, from the "Applications/Accessories" menu select "Passwords and Encryption Keys" (this will launch the Seahorse program).
Note: Seahorse is not installed by default, it can be installed using the "Add/Remove Software" utility in the "Applications" menu. Go to "Search" tab, type "seahorse" and click "Search". Select "seahorse - GNOME2 interface for gnupg" and click "Apply", "Continue" and "Continue" again. Seahorse can also be installed from the command line by running yum install seahorse
, as root
.
From the "Key" menu select "Create New Key..." then "PGP Key" then click "Continue". Type your full name, email address and an optional comment describing who are you (e.g.: Davidson R. Paulo, dpaulo@fedoraproject.org, Fedora Ambassador). Click "Create". A dialog will be displayed asking for a passphrase for the key. Choose a strong passphrase but also easy to remember. Click "OK" and the key is created.
Caution: The passphrase should be hard for other people to guess but easy to remember since it CANNOT be recovered. If the passphrase is lost so is the key.
The key should be exported to a keyserver. Right-click the key and select "Sync and Publish Keys..." Click "Key Servers", select "hkp://pgp.mit.edu:11371" in the "Publish Keys To" combobox, click "Close" and then "Sync".
Note: if the key can't be synchronized, it is possible the traffic is being blocked by a firewall. To publish the key: right-click the key and select "Copy Public Key". Go to http://pgp.mit.edu/, paste (Ctrl+V) the public key in the "Submit a Key" textbox and click "Submit this key to the keyserver!"
Warning: Backups should be made, place the private key placed in a safe location (e.g.: CD, DVD, USB key). To do that, right-click your key, select "Details" tab, click "Export" button in "Export Complete Key", select a destination and a filename and click "Save".