特殊:Badtitle/NS100:GPGsigningforSSHHowTo:修订间差异
小无编辑摘要 |
小无编辑摘要 |
||
第16行: | 第16行: | ||
'''Run all commands as a regular user.''' | '''Run all commands as a regular user.''' | ||
<pre><nowiki> | <pre><nowiki> | ||
# ssh-keygen | |||
</nowiki></pre> | </nowiki></pre> | ||
This will create your public and private ssh-dsa keys | This will create your public and private ssh-dsa keys | ||
第24行: | 第25行: | ||
I have generated a new key, and posted the output. | I have generated a new key, and posted the output. | ||
<pre><nowiki> | <pre><nowiki> | ||
# gpg --gen-key | |||
gpg (GnuPG) 1.2.5; Copyright (C) 2004 Free Software Foundation, Inc. | gpg (GnuPG) 1.2.5; Copyright (C) 2004 Free Software Foundation, Inc. | ||
This program comes with ABSOLUTELY NO WARRANTY. | This program comes with ABSOLUTELY NO WARRANTY. | ||
第32行: | 第34行: | ||
Please select what kind of key you want: | Please select what kind of key you want: | ||
#-> (1) DSA and ElGamal (default) | |||
(2) DSA (sign only) | |||
(4) RSA (sign only) | |||
Your selection? 1 | Your selection? 1 | ||
DSA keypair will have 1024 bits. | DSA keypair will have 1024 bits. | ||
About to generate a new ELG-E keypair. | About to generate a new ELG-E keypair. | ||
minimum keysize is 768 bits | |||
default keysize is 1024 bits | |||
highest suggested keysize is 2048 bits | |||
What keysize do you want? (1024) | What keysize do you want? (1024) | ||
#->Requested keysize is 1024 bits | |||
Please specify how long the key should be valid. | Please specify how long the key should be valid. | ||
0 = key does not expire | |||
<n> = key expires in n days | |||
<n>w = key expires in n weeks | |||
<n>m = key expires in n months | |||
<n>y = key expires in n years | |||
#->Key is valid for? (0) | |||
Key does not expire at all | Key does not expire at all | ||
Is this correct (y/n)? y | Is this correct (y/n)? y | ||
第54行: | 第59行: | ||
You need a User-ID to identify your key; the software constructs the user id | You need a User-ID to identify your key; the software constructs the user id | ||
from Real Name, Comment and Email Address in this form: | from Real Name, Comment and Email Address in this form: | ||
"Heinrich Heine (Der Dichter) <[email protected]>" | |||
Real name: mr bo jangles | Real name: mr bo jangles | ||
第60行: | 第65行: | ||
Comment: comment | Comment: comment | ||
You selected this USER-ID: | You selected this USER-ID: | ||
"mr bo jangles (comment) <[email protected]>" | |||
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O | Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O | ||
You need a Passphrase to protect your secret key. | You need a Passphrase to protect your secret key. | ||
#-> passphrase: | |||
We need to generate a lot of random bytes. It is a good idea to perform | We need to generate a lot of random bytes. It is a good idea to perform | ||
第80行: | 第86行: | ||
pub 1024D/5F6D1662 2005-03-26 mr bo jangles (comment) <[email protected]> | pub 1024D/5F6D1662 2005-03-26 mr bo jangles (comment) <[email protected]> | ||
Key fingerprint = D1BC 6822 0ACB 0025 8902 6DE7 87EA 4324 5F6D 1662 | |||
sub 1024g/0572A97F 2005-03-26 | sub 1024g/0572A97F 2005-03-26 | ||
</nowiki></pre> | </nowiki></pre> | ||
第98行: | 第104行: | ||
<pre><nowiki> | <pre><nowiki> | ||
# gpg --import Administrator.pub | |||
</nowiki></pre> | </nowiki></pre> | ||
Now get the Administrators key ID, and your key ID as well: | Now get the Administrators key ID, and your key ID as well: | ||
<pre><nowiki> | <pre><nowiki> | ||
# gpg --list-keys | |||
pub 1024D/ABCABCAB 2005-03-26 Administrator_Email <[email protected]> | pub 1024D/ABCABCAB 2005-03-26 Administrator_Email <[email protected]> | ||
pub 1024D/XYZXYZXY 2005-03-26 Your_Email_Address <[email protected]> | pub 1024D/XYZXYZXY 2005-03-26 Your_Email_Address <[email protected]> | ||
第121行: | 第129行: | ||
Sign the key: | Sign the key: | ||
<pre><nowiki> | <pre><nowiki> | ||
# gpg -u XYZXYZXY -r ABCABCAB --armor --sign --encrypt ~/.ssh/id_dsa.pub | |||
</nowiki></pre> | </nowiki></pre> | ||
2007年5月24日 (四) 10:00的版本
文章出处: |
{{#if: | {{{2}}} | https://help.ubuntu.com/community/GPGsigningforSSHHowTo }} |
点击翻译: |
English {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/af | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|Afrikaans| [[::GPGsigningforSSHHowTo/af|Afrikaans]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/ar | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|العربية| [[::GPGsigningforSSHHowTo/ar|العربية]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/az | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|azərbaycanca| [[::GPGsigningforSSHHowTo/az|azərbaycanca]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/bcc | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|جهلسری بلوچی| [[::GPGsigningforSSHHowTo/bcc|جهلسری بلوچی]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/bg | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|български| [[::GPGsigningforSSHHowTo/bg|български]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/br | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|brezhoneg| [[::GPGsigningforSSHHowTo/br|brezhoneg]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/ca | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|català| [[::GPGsigningforSSHHowTo/ca|català]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/cs | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|čeština| [[::GPGsigningforSSHHowTo/cs|čeština]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/de | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|Deutsch| [[::GPGsigningforSSHHowTo/de|Deutsch]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/el | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|Ελληνικά| [[::GPGsigningforSSHHowTo/el|Ελληνικά]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/es | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|español| [[::GPGsigningforSSHHowTo/es|español]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/fa | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|فارسی| [[::GPGsigningforSSHHowTo/fa|فارسی]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/fi | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|suomi| [[::GPGsigningforSSHHowTo/fi|suomi]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/fr | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|français| [[::GPGsigningforSSHHowTo/fr|français]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/gu | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|ગુજરાતી| [[::GPGsigningforSSHHowTo/gu|ગુજરાતી]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/he | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|עברית| [[::GPGsigningforSSHHowTo/he|עברית]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/hu | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|magyar| [[::GPGsigningforSSHHowTo/hu|magyar]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/id | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|Bahasa Indonesia| [[::GPGsigningforSSHHowTo/id|Bahasa Indonesia]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/it | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|italiano| [[::GPGsigningforSSHHowTo/it|italiano]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/ja | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|日本語| [[::GPGsigningforSSHHowTo/ja|日本語]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/ko | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|한국어| [[::GPGsigningforSSHHowTo/ko|한국어]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/ksh | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|Ripoarisch| [[::GPGsigningforSSHHowTo/ksh|Ripoarisch]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/mr | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|मराठी| [[::GPGsigningforSSHHowTo/mr|मराठी]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/ms | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|Bahasa Melayu| [[::GPGsigningforSSHHowTo/ms|Bahasa Melayu]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/nl | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|Nederlands| [[::GPGsigningforSSHHowTo/nl|Nederlands]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/no | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|norsk| [[::GPGsigningforSSHHowTo/no|norsk]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/oc | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|occitan| [[::GPGsigningforSSHHowTo/oc|occitan]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/pl | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|polski| [[::GPGsigningforSSHHowTo/pl|polski]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/pt | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|português| [[::GPGsigningforSSHHowTo/pt|português]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/ro | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|română| [[::GPGsigningforSSHHowTo/ro|română]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/ru | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|русский| [[::GPGsigningforSSHHowTo/ru|русский]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/si | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|සිංහල| [[::GPGsigningforSSHHowTo/si|සිංහල]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/sq | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|shqip| [[::GPGsigningforSSHHowTo/sq|shqip]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/sr | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|српски / srpski| [[::GPGsigningforSSHHowTo/sr|српски / srpski]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/sv | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|svenska| [[::GPGsigningforSSHHowTo/sv|svenska]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/th | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|ไทย| [[::GPGsigningforSSHHowTo/th|ไทย]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/tr | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|Türkçe| [[::GPGsigningforSSHHowTo/tr|Türkçe]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/vi | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|Tiếng Việt| [[::GPGsigningforSSHHowTo/vi|Tiếng Việt]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/yue | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|粵語| [[::GPGsigningforSSHHowTo/yue|粵語]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/zh | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|中文| [[::GPGsigningforSSHHowTo/zh|中文]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/zh-hans | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|中文(简体)| [[::GPGsigningforSSHHowTo/zh-hans|中文(简体)]]}}|}} {{#ifexist: {{#if: UbuntuHelp:GPGsigningforSSHHowTo | UbuntuHelp:GPGsigningforSSHHowTo | {{#if: | :}}GPGsigningforSSHHowTo}}/zh-hant | • {{#if: UbuntuHelp:GPGsigningforSSHHowTo|中文(繁體)| [[::GPGsigningforSSHHowTo/zh-hant|中文(繁體)]]}}|}} |
{{#ifeq:UbuntuHelp:GPGsigningforSSHHowTo|:GPGsigningforSSHHowTo|请不要直接编辑翻译本页,本页将定期与来源同步。}} |
{{#ifexist: :GPGsigningforSSHHowTo/zh | | {{#ifexist: GPGsigningforSSHHowTo/zh | | {{#ifeq: {{#titleparts:GPGsigningforSSHHowTo|1|-1|}} | zh | | }} }} }} {{#ifeq: {{#titleparts:GPGsigningforSSHHowTo|1|-1|}} | zh | | }}
Intro
Often to access a remote server by SSH the administrator of the server will ask for your public ssh_dsa key so that he knows it is really your computer that is trying to access his server, and not some hacker. In order to ensure security the administrator will often ask you to first sign the ssh_dsa key using gpg so that he knows the ssh_dsa key comes from you, and that it has not been intercepted by... yup, a hacker.
This guide will show you how to generate your ssh and gpg keys and then
how to use them to perform a secure transaction between two partys.
This guide should work on any Gnu/Linux operating system.
This guide assumes you have already installed open-ssh
and gnupg
.
Generate the SSH DSA keys
Run all commands as a regular user.
# ssh-keygen
This will create your public and private ssh-dsa keys the public key that the administraitor needs should be locaed here: ~/.ssh/id_dsa.pub
Generate the GPG keys
I have generated a new key, and posted the output.
# gpg --gen-key gpg (GnuPG) 1.2.5; Copyright (C) 2004 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. gpg: keyring `/home/alex/.gnupg/secring.gpg' created Please select what kind of key you want: #-> (1) DSA and ElGamal (default) (2) DSA (sign only) (4) RSA (sign only) Your selection? 1 DSA keypair will have 1024 bits. About to generate a new ELG-E keypair. minimum keysize is 768 bits default keysize is 1024 bits highest suggested keysize is 2048 bits What keysize do you want? (1024) #->Requested keysize is 1024 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years #->Key is valid for? (0) Key does not expire at all Is this correct (y/n)? y You need a User-ID to identify your key; the software constructs the user id from Real Name, Comment and Email Address in this form: "Heinrich Heine (Der Dichter) <[email protected]>" Real name: mr bo jangles Email address: [email protected] Comment: comment You selected this USER-ID: "mr bo jangles (comment) <[email protected]>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O You need a Passphrase to protect your secret key. #-> passphrase: We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. +++++.+++++++++++++++.+++++++++++++++.+++++.++++++++ We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. +++++++++++++++++++++++++.++++++++++..+++++++++++++ public and secret key created and signed. key marked as ultimately trusted. pub 1024D/5F6D1662 2005-03-26 mr bo jangles (comment) <[email protected]> Key fingerprint = D1BC 6822 0ACB 0025 8902 6DE7 87EA 4324 5F6D 1662 sub 1024g/0572A97F 2005-03-26
Your public and private GPG keys should now be located in your ~/.gnupg directory.
Put your private key on a cd-rom or a floppy or somewhere very safe, but do not lose it or else you will be unable to sign any documents. Never ever give it to anyone under any circumstance. If you have given anyone your private key then you must revoke the key immediately and generate a new set.
Exchange Public Keys
It is good practice to put your public GPG key on a public key server where others can access it easily. Biglumber.com is a public key server. In order to put your public key on biglumber you will need to go though a verification process with them first.
Go to biglumber.com and put your public key on their server. *
While you are at biglumber you will need to find the public key of the Administrator to who you are planning to send your digitally signed and encrypted message. Once you have done that, you must then import the Administrators public key into your keyring.
# gpg --import Administrator.pub
Now get the Administrators key ID, and your key ID as well:
# gpg --list-keys pub 1024D/ABCABCAB 2005-03-26 Administrator_Email <[email protected]> pub 1024D/XYZXYZXY 2005-03-26 Your_Email_Address <[email protected]>
Aministrator ID: ABCABCAB
Your ID: XYZXYZXY
Make a Secure Transaction
GPG will use your secret key (~/.gnupg/secring.gpg) to sign and encrypt your public ssh key (~/.ssh/id_dsa.pub).
Only the Administrator will be able to unencrypt the file because you are also using his public key to encrypt it.
In turn, he will only be able to decrypt it if he has your public key on his key ring.
Sign the key:
# gpg -u XYZXYZXY -r ABCABCAB --armor --sign --encrypt ~/.ssh/id_dsa.pub
Send the result (id_dsa.pub.gpg) to the Administrator along with a link to where you keep your public key on Biglumber. He will verify the your information and then allow you to access his system by ssh.
* In an ideal world you are only supposed to exchange public keys directly and in person, this way you know 100% that the public key truely belongs to the correct person.