How

1. To generate your personal GPG (aka GnuPG^?) keypair to send in (and use from that point forward), type "gpg --gen-key". Accept default option 1, to generate both DSA and ElGamal^? keys. Accept default keysize (1024 bits). Pick no expiration. (You can always change that later.) Specify a "passphrase", which you'll be prompted for in the future whenever it's necessary to unlock your private key. GnuPG^? will grind away; you'll be asked to mouse around and bang the keyboard to supply randomness (no joke!). When done, it will have generated:

~/.gnupg/pubring.gpg
~/.gnupg/secring.gpg

Those are binary "keyrings": places to hold your (and eventually other people's) public and private keys, respectively.

Also do "gpg --output revoke.asc --gen-revoke yourusername" to generate a revocation certificate you can send out if your private key is ever lost or stolen.

2. E-mail me your public key (or tell me where to get it, if you happen to have it on a public keyserver or Web page.)

gpg --export --armor "your@email.address" > yourname.asc
(and then e-mail me yourname.asc).

3. Print out a copy of your key fingerprint. This is for you to carry around. You can get a copy of your key fingerprint by doing this:

gpg --fingerprint "your@email.address" > yourname.fp

...and then print yourname.fp out.

4. Bring to the keysigning event a photo ID and your key fingerprint printout. For your convenience, I'll have a "keysigning party keyring" Web page at http://linuxmafia.com/gpg/ , so you might want to bring a printout of that, too.

5. After the event, do:

gpg --sign-key [key ID]

...for each key you have decided to sign.

Then either send the signatures to me or to a public keyserver such as pgp.dtype.org:

gpg --armor --export [list of key IDs] > keysigning.gpg
...and then e-mail me keysigning.gpg

or

gpg --keyserver pgp.dtype.org --send-key [key ID]
...to submit your signature directly to the keyserver.

Why

To contact Rick, send mail to rick@linuxmafia.com

A couple of weeks ago, I said to Bill Ward that I'd be glad to do a brief (about 15 minute) GnuPG aka gpg "keysigning" at the next meeting. That suggests I ought to first explain what one is, and for whom it would matter.

If you even think you might be interested, please read on.

Bill had found himself wanting to get ssh access to a server activated, but the sysadmin in charge wasn't willing to just accept Bill's SSH public key via e-mail without some way of authenticating that the key came from Bill. The sysadmin said telephoning would have worked, except that he wasn't sure he knew Bill's voice.

This is an example of the need for GnuPG (short for GNU Privacy Guard), an open-source reimplementation of the old PGP (Pretty Good Privacy) program. The sysadmin suggested that Bill sign his SSH key with his PGP or GnuPG key, and mail him the signed copy -- except that the sysadmin had no way of knowing that Bill's GnuPG key was really Bill's, so the same problem remained. See the hang-up?

GnuPG, like PGP before it, addresses the twin (related) problems of authentication and encryption. In this case, Bill needed for the sysadmin to be able to authenticate Bill's cryptographic keys -- to verify that they're really his, and not some imposter's. The mechanism GnuPG provides is signing. There are records ("keyrings") both public and less so of people having signed (and thus being willing to vouch for) other people's keys.

Let's say that Les Kopari has, some time ago, signed Bill's GnuPG key with his own key, and Les has sent his signature (which is itself a crypographically calculated, binary record) to the public keyservers. An example of a keyserver is http://www.us.pgp.net/ . Ordinarily, you would be able to type "Rick Moen" in the "Search for a key" field, pick the "Show Signatures [yes]" radio button, and hit "Search" to bring up a list of all recorded signatures of my key. Unfortunately, the CGI interface is down at the moment. I've informed the guy who maintains that Web server, and hope he'll fix it soon. Meanwhile, there are geekier ways to make your /usr/bin/gpg utility talk directly to keyservers. (You don't have to worry about that, right now.)

Let's say that I've signed Les's own GnuPG key, and likewise sent my signature to the keyservers (a group of machines worldwide that share data; talking to one is the same as talking to any other of them). Let's say that Bill's sysadmin friend happens to have signed my key.

Thus, the sysadmin can (automatically) verify his signature of my signature of Les's signature of Bill's key, and thus knows he can trust that Bill's key is really his. This concept is called the "web of trust", and is in contrast to the "PKI" (Public Key Infrastructure) signing model typified by, say, Web browsers, where the entire world is supposed to collectively decide to trust a bunch of Certificate Authorities (CAs), who in turn get paid to sign individual companies' (and individuals') Web server site certificates.

For the web of trust to be usable, people have to get together (in a physical location), and each participant in turn would show some indication of that person's non-computer-world identities (a photo ID will do), and read out a "hash" (checksum) of his/her GnuPG public key. This would then permit other attendees to reasonably decide they're willing to sign that person's key.

An event coordinator (me, in this case) would collect participants' public keys, prepare a paper sheet of those keys for participants' convenience, and after the event receive and submit participants' signatures of one anothers' keys (again, strictly as a convenience). It's possible to do this in a way so that nobody has to trust the coordinator's integrity, described here in the GPG Keysigning Party HOWTO: http://www.cryptnet.net/fdp/crypto/gpg-party.html

You'll notice that the HOWTO includes a neat little Perl script to generate a worksheet Web page. I've just now used it to create one: http://linuxmafia.com/gpg/

If you want to participate, send me your GPG public key, and I'll add you to it.

If you don't yet have a key, it's dead-easy to make one. Please see "GnuPG Lecture" on http://linuxmafia.com/kb/Security/ . Some of you may remember that as lecture notes for a talk I gave some months ago at PenLUG. (It also gives a brief rundown on keysignings.)

The night before PenLUG, simply print out a copy of http://linuxmafia.com/gpg/ (not as it is today, but after more names have been added), and bring it to the meeting. The rest is easy, and I'll run us through it.

Last, you'll need to e-mail your signatures to me, when you get home from the meeting. My lecture notes explain how. (There's no point in signing keys if you keep the signatures to yourself.)

I hope that's reasonably clear. I can explain more, if anything's still mysterious.