Product SiteDocumentation Site

3.2.5. Using GNU Privacy Guard (GnuPG)

GnuPG (GPG) is used to identify yourself and authenticate your communications, including those with people you don't know. GPG allows anyone reading a GPG-signed email to verify its authenticity. In other words, GPG allows someone to be reasonably certain that communications signed by you actually are from you. GPG is useful because it helps prevent third parties from altering code or intercepting conversations and altering the message.
GPG can also be used to sign and/or encrypt files kept on your computer or on a network drive. This can add additional protection in preventing a file from being altered or read by unauthorized people.
To utilize GPG for authentication or encrytion of email you must first generate your public and private keys. After generating the keys you will have to setup your email client to utilize them. Generating GPG Keys in GNOME

Install the Seahorse utility, which makes GPG key management easier. From the main menu, select System > Administration > Add/Remove Software and wait for PackageKit to start. Enter Seahorse into the text box and select the Find. Select the checkbox next to the ''seahorse'' package and select ''Apply'' to add the software. You can also install Seahorse at the command line with the command su -c "yum install seahorse".
To create a key, from the ''Applications > Accessories'' menu select ''Passwords and Encryption Keys'', which starts the application Seahorse. From the ''Key'' menu select ''Create New Key...'' then ''PGP Key'' then click ''Continue''. Type your full name, email address, and an optional comment describing who are you (e.g.: John C. Smith,, The Man). Click ''Create''. A dialog is displayed asking for a passphrase for the key. Choose a strong passphrase but also easy to remember. Click ''OK'' and the key is created.


If you forget your passphrase, the key cannot be used and any data encrypted using that key will be lost.
To find your GPG key ID, look in the ''Key ID'' column next to the newly created key. In most cases, if you are asked for the key ID, you should prepend "0x" to the key ID, as in "0x6789ABCD". You should make a backup of your private key and store it somewhere secure.