Question
I find PGP to be quite a complex subject. I have gotten to a point where I need to give a client a public key for encryption. I have successfully done my homework: generated a public key on my Ubuntu desktop, pushed it to keyserver.ubuntu.com, gotten a validation link, hustled to get Thunderbird open, read it, and validated it.
Now I need to send a public key of an Ubuntu 10.04 to a partner to encrypt stuff for me. I opted for using a keyserver as opposed to outputting the public key to a file. If I publish the key like explained before, I will have to use an email, and an encrypted validation mail (sent by Launchpad, it seems) will be sent to my inbox with a link to confirm the publication. My question is this: the private key is on the Ubuntu server. How do I decrypt that validation email in order to complete the publication process? We use Google Apps, so I will probably access the encrypted email from my work machine, which doesn't have the private key generated on the Ubuntu server.
Explanation / Answer
I think the key misunderstanding you have is that you think public-private key pairs are somehow tied to a machine. They are not. You can generate a key pair on any machine and export/import it to any other.
The only critical component of PGP you need to worry about is keeping the private key private.
You have two options:
1) Generate a key-pair on your local machine and export/import the private key for all machines you want to perform decrypt/signing operations on
2) Generate different key-pairs for every machine and access them remotely to perform your decrypt/signing operations - this option means the private keys don't need to move around, so it's less prone to mistakes that could expose your private key (very bad).
So if you don't want to manage receiving e-mails on the Ubuntu machine itself (for example by remotely controlling it with X over SSH or VNC), you need to export the private key from the Ubuntu server so you can import it to your local keychain. That's done as follows:
gpg --export-secret-key -a "User Name" > private.key
This key is unprotected, so you must be careful about how you move it (use something secure like scp).
Or, do what you already know how to do and generate the key-pair on the machines themselves. If you don't have an e-mail address for every machine, just upload it to a key server that doesn't require e-mail verification.
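The export/import workflow from the answer, walked through end to end as an added example (not part of the original answer): three isolated GNUPGHOME directories stand in for the Ubuntu server, the work machine and the partner, the secret key is exported on the "server" and imported on the "work machine", the partner encrypts to the public key, and the work machine decrypts. It assumes GnuPG 2.1+ on PATH; the identity, file names and empty passphrase are constructed for the demo.

```bash
#!/usr/bin/env bash
# Added example, not part of the original answer. Three isolated GNUPGHOME
# directories stand in for the Ubuntu server, the work machine and the partner.
# Assumes GnuPG 2.1+ on PATH; the identity, file names and empty passphrase are
# constructed for the demo (a real key should carry a passphrase).
set -euo pipefail

demo_key_move() {
    local work; work=$(mktemp -d)
    local server="$work/server" desktop="$work/desktop" partner="$work/partner"
    mkdir -m 700 "$server" "$desktop" "$partner"   # keyrings must not be world-readable
    local uid="Example User <user@example.invalid>"
    local g=(gpg --batch --quiet --pinentry-mode loopback --passphrase '')

    # 1. Generate the pair on the "server" (the step the question already did).
    "${g[@]}" --homedir "$server" --quick-generate-key "$uid" default default never

    # 2. Export the secret key (the answer's command, armored) and move it.
    #    cp stands in for scp; the file is owner-only for as long as it exists.
    "${g[@]}" --homedir "$server" --armor --export-secret-keys "$uid" > "$work/private.key"
    chmod 600 "$work/private.key"
    cp "$work/private.key" "$desktop/private.key"

    # 3. Import it on the "work machine"; only the public half goes to the partner.
    "${g[@]}" --homedir "$desktop" --import "$desktop/private.key"
    gpg --batch --quiet --homedir "$server" --armor --export "$uid" > "$work/public.key"
    gpg --batch --quiet --homedir "$partner" --import "$work/public.key"

    # 4. The partner encrypts to the public key (trust-model always: demo keyring only).
    printf '%s' 'validation link' |
        gpg --batch --quiet --homedir "$partner" --trust-model always \
            --armor --recipient "$uid" --encrypt > "$work/msg.asc"

    # 5. The work machine decrypts it with the imported secret key.
    local plain; plain=$("${g[@]}" --homedir "$desktop" --decrypt "$work/msg.asc")

    # 6. Clean up: stop the agents and remove the exported secret key material.
    for d in "$server" "$desktop" "$partner"; do gpgconf --homedir "$d" --kill gpg-agent; done
    rm -rf "$work"
    printf '%s' "$plain"
}

if command -v gpg >/dev/null 2>&1; then demo_key_move; echo; else echo 'gpg not found' >&2; fi
```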