Cookies éphémères (7 jours au plus) pour les utilisateurs authentifiés uniquement. Aucun traçage.
Temporary cookies (7 days max) for authenticated users only. No tracking.

Home page > II. Pro > 4. Informatique/Computing > GnuPG on Jolla Sailfish

GnuPG on Jolla Sailfish

15 August 2015, by CeD

A quick three-step guide to getting GPG installed onto your Jolla (thanks to Davi Ottenheimer)

See online : Howto: Install GPG on Jolla Sailfish OS

STEP 1 install pinentry

You have three options:

compile from source
install pinentry-0.8.3-1.armv7hl.rpm or pinentry-0.9.0-10.7.1.jolla.armv7hl.rpm
use warehouse app to search for “pinentry” in OpenRepos and install gnupg-pinentry

STEP 2 open the terminal and install the GnuPG software

[nemo@Jolla ~]$ pkcon install gnupg2

Currently this installs version 2.0.4 with a home of /.gnupg
Remember: the executable binary will be gpg2 (neither ~~gnupg2~~, nor ~~gpg~~).

Supported algorithms:

Pubkey: RSA, ELG, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, TIGER192, SHA256, SHA384, SHA512, SHA224
Compression: ZIP, ZLIB, BZIP2

STEP 3 use the terminal to create a key
(or import your existing private key with gpg2 --import)

[nemo@Jolla ~]$ gpg2 --gen-key

Please select what kind of key you want:



(1) DSA and Elgamal (default)

(2) DSA (sign only)

(5) RSA (sign only)

Your selection? [Enter]



DSA keypair will have 1024 bits.

ELG-E keys may be between 1024 and 4096 bits long.



What keysize do you want? (2048) [Enter]

Requested keysize is 2048 bits



Please specify how long the key should be valid.

0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years

Key is valid for? (0) [Enter]

<code>Key does not expire at all

<code>Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID from the Real Name, Comment and Email Address in this form:

"Heinrich Heine (Der Dichter)"

Real name: Davi Ottenheimer

Email address: davi@flyingpenguin.com

Comment:[Enter]

You selected this USER-ID:

"Davi Ottenheimer davi@flyingpenguin.com"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

 Enter passphrase



 Passphrase _*****************_______________



       OK           Cancel

THINK TWICE AND GATHER WISE ADVICE BEFORE PICKING YOUR PASS PHRASE See here (and never write it down anywhere: its only safe place is in your brain).

We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy.

gpg: key XXXXXXXX marked as ultimately trusted public and secret key created and signed.

gpg: checking the trustdb

gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model

gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u

pub 1024D/XXXXXXXX 2015-07-29

Key fingerprint = XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX

uid Davi Ottenheimer davi@flyingpenguin.com

sub 2048g/YYYYYYYY 2015-07-29

STEP 3.5 verify key

[nemo@Jolla ~]$ gpg2 -k

/home/nemo/.gnupg/pubring.gpg

-----------------------------

pub 1024D/XXXXXXXX 2015-07-29

uid Davi Ottenheimer davi@flyingpenguin.com

sub 2048g/YYYYYYYY 2015-07-29

NOTE: you may want to move and keep your secret keys (secring.gpg) and their back-ups in an encrypted and/or hidden and/or obfuscated form. Please manage file properties (owner, permissions) very carefully: keep in mind that your smartphone is an always connected thing, most of the time unattended, through a wide variety of wireless equipment you know nothing about.

By Davi Ottenheimer – July 29, 2015

P.S.

If you run GPG2 as ’root’ (devel-su) [1], the folder .gnupg (containing your secret keys) will be in /root/ instead of /home/nemo/. You may prefer this option and delete /home/nemo/.gnupg/ (or even keep it with fake content as a lure) for increased security.

Attached documents

gpg2manpage (texte - 127.5 kb)

Footnotes

[1] And please pick a strong password for Developer mode, not ’dev’ or ’qwerty’.

Reply to this article

5 Forum messages

GnuPG on Jolla Sailfish: the GNU Privacy Handbook
16 August 2015 20:46, by CeD

See also the GNU Privacy Handbook
See online : The GNU Privacy Handbook

Reply to this message
- GnuPG on Jolla Sailfish: Le Manuel de GNU Privacy Guard (en français) 16 August 2015 20:57, by CeD
  
  Version française :
  See online : Le Manuel de GNU Privacy Guard (en français)
  
  Reply to this message
GnuPG on Jolla Sailfish: short documentation (French version)
16 August 2015 21:21, by CeD

gpg (GnuPG) 2.0.4

Copyright © 2007 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Home: /.gnupg
Algorithmes supportés:
Clé publique: RSA, ELG, DSA, ELG
Chiffrement: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hachage: MD5, SHA1, RIPEMD160, TIGER192, SHA256, SHA384, SHA512, SHA224
Compression: Non-compressé, ZIP, ZLIB, BZIP2

Syntaxe simplifiée: gpg [options] [fichier]
= signer, vérifier, chiffrer ou déchiffrer (l’opération par défaut dépend des données entrées)

Commandes:

-s, --sign [fichier] faire une signature --clearsign [fichier] faire une signature en texte clair -b, --detach-sign faire une signature détachée -e, --encrypt chiffrer les données -c, --symmetric chiffrement symétrique seulement -d, --decrypt déchiffrer les données (défaut) --verify vérifier une signature -k, --list-keys lister les clés --list-sigs lister les clés et les signatures --check-sigs lister et vérifier les signatures des clés --fingerprint lister les clés et les empreintes -K, --list-secret-keys lister les clés secrètes --gen-key générer une nouvelle paire de clés --delete-keys enlever les clés du porte-clés public --delete-secret-keys enlever les clés du porte-clés secret --sign-key signer une clé --lsign-key signer une clé localement --edit-key signer ou éditer une clé --gen-revoke générer un certificat de révocation --export exporter les clés --send-keys exporter les clés vers un serveur de clés --recv-keys importer les clés d'un serveur de clés --search-keys chercher les clés avec un serveur de clés --refresh-keys mettre à jour les clés depuis un serveur --import importer/fusionner les clés --card-status afficher l'état de la carte --card-edit changer les données d'une carte --change-pin changer le code PIN d'une carte --update-trustdb mettre la base de confiance à jour --print-md alg [fich.] indiquer les fonctions de hachage --server run in server mode

Options:

-a, --armor créer une sortie ascii avec armure -r, --recipient NOM chiffrer pour NOM -u, --local-user utiliser ce nom pour signer ou déchiffrer -z N niveau de compression N (0 désactive) --textmode utiliser le mode texte canonique -o, --output utiliser comme fichier de sortie -v, --verbose bavard -n, --dry-run ne rien changer -i, --interactive demander avant d'écraser un fichier --openpgp utiliser strictement le comportement OpenPGP --pgp2 générer des messages compatibles avec PGP 2.x

(Voir la page de manuel pour une liste complète des commandes et options)

Exemples:

-se -r Alice [fichier] signer et chiffrer pour l'utilisateur Alice --clearsign [fichier] faire une signature en texte clair --detach-sign [fichier] faire une signature détachée --list-keys [utilisateur] montrer les clés --fingerprint [utilisateur] montrer les empreintes

Signaler toutes anomalies à <gnupg-bugs@gnu.org> (en anglais) et tout problème de traduction à <traduc@traduc.org>.

THIS SHORT DOCUMENTATION IN ENGLISH:
Execute gpg2 --help > gpg2documentation.txt (from terminal) while your Jolla phone language is set to English.

Reply to this message
- GnuPG on Jolla Sailfish: man page (longer documentation) 22 August 2015 08:15, by CeD
  
  In terminal, execute
  man gpg2 > gpg2manpage.txt
  
  Reply to this message
  - GnuPG on Jolla Sailfish: man page (longer documentation) 16 November 2015 00:41, by CeD
    
    Note: to read ’man’ data you must install “man-db” from Openrepos.
    Reply to this message