single-blog-post-content-image

Creating a new Keypair

This tutorial is a proposed way for creating what I consider secure OpenPGP keys. After 5 years of using GPG I have learned a lot regarding the usuage, creation, maintenance and managing of PGP keys. This guide encapsulates what I have learned ove these years, to serve as a guide for myself in future but also as a reference for the internet community at large.

As security is an always chaging landscape, I am always open for proposed amendments to my below instructions. As such also I can’t guarantee that at the time of you reading this article, that it is aligned with current security recommendations.

In this article I am using GPG2 with the associated options and capabilities as listed below:

$ gpg2 --version
gpg (GnuPG) 2.2.3
libgcrypt 1.8.1
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/andrew/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

A lot of information is available on the internet regarding the use of PGP, GPG and it’s associated versions for various operating systems. However a lot of this information is outdated and doens’t align with today’s security recommendations.

The technology landscape is a lot different today than it was in 1991 when PGP was first released by Phil Zimmerman. The use of OpenPGP keys on mobile devices means that the private key must be available on the devices for decrypting and signing keys, however, yet if the private key is lost, this can result in massive headaches.

Subkeys assist in mitigating loss

Subkeys is a way to assist in minimzing the damage caused by the loss or compromise of keys. Subkeys are based on the following concept

  1. We create an initial keypair consisting of a public and certify private key. This keypair is your master keypair which must be stored in a safe place.
  2. Next we add a signing subkey, used to sign messages, aswell as a encryption subkey, used to decrypt messages encrypted with your public key. These keys are related to your master keypair in a mathematical way.
  3. Next the keypair is modified by removing the master keypair and only leaving the subkeys. This transforms the keypair into your daily keypair.

What’s the advantage of using subkeys? If the encryption or signing key is lost, stolen, or compromised in some way, we can simply revoke the subkeys and create new subkeys. Since the original keypair is not revoked, all signatures on this keypair remains. Important to note that Mallory can still decrypt all encrypted messages sent to you previously, however any new encrypted messages won’t be able to be decrypted.

Create your initial keypair

he first step is to create our master keypair by using the gpg2 --expert --full-gen-key command. We will proceed to create an RSA based key. There is a lot of debate on whether to use RSA or ECC-based keys, but the instrutions below can also be used for ECC curves.

gpg2 --expert --full-gen-key
gpg (GnuPG) 2.2.3; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
   (9) ECC and ECC
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (13) Existing key
Your selection? 8

To create our RSA key go ahead and select option (8) RSA (set your own capabilities). We only want the Certify capability, go ahead and toggle the Sign and Encrypt capabilities.

Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Sign Certify Encrypt

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? s

Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Certify Encrypt

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? e

Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Certify

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? q

Key Length

It makes sense to use a larger key, than the proposed 2048 bit key proposed by GPG. The larger the key, the more resistant the key should be to future attacks as computers increase in processing power. A smaller key can be used if a larger key is not well suited for your needs e.g. not being supported by your software. For this article we will use the largest possible value for an RSA key which is 4096 bits.

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits

Expiration

Even though the primary key is supposed to be used for a considerable time in future, if the key is lost or compromised then the key will remain forever out in the wild. An expiration date assists in prventing this. In this tutorial I used an expiration date of 5 years, but a shorter period can be used. The expiration date acan alwats be amended as long as you have access to the private key.

Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 5y
Key expires at Fri 16 Dec 2022 03:40:41 PM SAST
Is this correct? (y/N) y

Adding UID

Next we will add a user ID which consists of your name and email address. It is recommended to use your name as it appears on government issued identification documents. This is important if you want to get your key signed by other people in the PGP/GPG community as most peoples key signing policies require this. Most key signing policies in the PGP/GPG community following (CACert Practice on Names policy)[http://wiki.cacert.org/AssuranceHandbook2#PracticeOnNames.Practice_on_Names]

GnuPG needs to construct a user ID to identify your key.

Real name: John Doe
Email address: john.doe@example.com
Comment:
You selected this USER-ID:
    "John Doe <john.doe@example.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

Passphrase for secret key

When requested for a passphrase be sure to choose a strong and secure passpharse which you will be able to remember.

You need a Passphrase to protect your secret key.

Enter passphrase:
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key 0xFEB714863B310F5B marked as ultimately trusted
public and secret key created and signed.

pub   rsa4096/0xFEB714863B310F5B 2017-12-17 [C] [expires: 2022-12-16]
      Key fingerprint = B37F 23E6 393F CF17 E32C  3DF1 FEB7 1486 3B31 0F5B
uid                              John Doe <john.doe@example.com>

Adding subkeys

We will now be adding the various subkeys to our master keypair in order to make it a usuable GPG key. We will be adding the following three subkeys:

  • Signing Subkey: A signing key is used for signing and verifying integrity of a message. The signing key is used for non-repudiation.
  • Encryption Subkey: An encryption subkey allows you to decrypt and encrypted message sent to you.
  • Authentiation Subkey: An authentication key is used to login to an SSH service with an OpenPGP key.

Open the master keypair for editing to allow us to add subkeys.

The below procedures are exactly the same as for the master keypair. However it is recommend to use shorter expiration dates on these keys, as they can be lost or compromised much easier because of there presence on mobile devices.

gpg2 --expert --edit-key 0xFEB714863B310F5B
gpg (GnuPG) 2.2.3; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at 2022-12-16
sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: ultimate      validity: ultimate
[ultimate] (1). John Doe <john.doe@example.com>

Adding Signing Subkey

gpg> addkey
Please select what kind of key you want:
   (3) DSA (sign only)
   (4) RSA (sign only)
   (5) Elgamal (encrypt only)
   (6) RSA (encrypt only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (12) ECC (encrypt only)
  (13) Existing key
Your selection? 8

Possible actions for a RSA key: Sign Encrypt Authenticate
Current allowed actions: Sign Encrypt

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? e

Possible actions for a RSA key: Sign Encrypt Authenticate
Current allowed actions: Sign

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? q
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 1y
Key expires at Mon 17 Dec 2018 03:52:32 PM SAST
Is this correct? (y/N) y
Really create? (y/N) y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: ultimate      validity: ultimate
ssb  rsa4096/0x6413920E1406714D
     created: 2017-12-17  expires: 2018-12-17  usage: S
[ultimate] (1). John Doe <john.doe@example.com>

Adding Encryption Subkey

gpg> addkey
Please select what kind of key you want:
   (3) DSA (sign only)
   (4) RSA (sign only)
   (5) Elgamal (encrypt only)
   (6) RSA (encrypt only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (12) ECC (encrypt only)
  (13) Existing key
Your selection? 8

Possible actions for a RSA key: Sign Encrypt Authenticate
Current allowed actions: Sign Encrypt

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? s

Possible actions for a RSA key: Sign Encrypt Authenticate
Current allowed actions: Encrypt

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? q
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 1y
Key expires at Mon 17 Dec 2018 03:53:29 PM SAST
Is this correct? (y/N) y
Really create? (y/N) y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: ultimate      validity: ultimate
ssb  rsa4096/0x6413920E1406714D
     created: 2017-12-17  expires: 2018-12-17  usage: S
ssb  rsa4096/0x7DA08817ABA49747
     created: 2017-12-17  expires: 2018-12-17  usage: E
[ultimate] (1). John Doe <john.doe@example.com>

Adding Authentication Subkey

gpg> addkey
Please select what kind of key you want:
   (3) DSA (sign only)
   (4) RSA (sign only)
   (5) Elgamal (encrypt only)
   (6) RSA (encrypt only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (12) ECC (encrypt only)
  (13) Existing key
Your selection? 8

Possible actions for a RSA key: Sign Encrypt Authenticate
Current allowed actions: Sign Encrypt

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? s

Possible actions for a RSA key: Sign Encrypt Authenticate
Current allowed actions: Encrypt

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? e

Possible actions for a RSA key: Sign Encrypt Authenticate
Current allowed actions:

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? a

Possible actions for a RSA key: Sign Encrypt Authenticate
Current allowed actions: Authenticate

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? q
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 1y
Key expires at Mon 17 Dec 2018 03:55:00 PM SAST
Is this correct? (y/N) y
Really create? (y/N) y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: ultimate      validity: ultimate
ssb  rsa4096/0x6413920E1406714D
     created: 2017-12-17  expires: 2018-12-17  usage: S
ssb  rsa4096/0x7DA08817ABA49747
     created: 2017-12-17  expires: 2018-12-17  usage: E
ssb  rsa4096/0x10960506DC109513
     created: 2017-12-17  expires: 2018-12-17  usage: A
[ultimate] (1). John Doe <john.doe@example.com>

Strengthening hash preferences

We will change our cryptographic preferences to stronger and more robust functions than the default proposed by gpg2. This will assist sender in knowing what cryptographic functions we support and convey our preferences to what should be used when sending us a signed or encrypted message.

gpg> setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
Set preference list to:
     Cipher: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA512, SHA384, SHA256, SHA224, SHA1
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify
Really update the preferences? (y/N) y
gpg> save

Creating Backups

It is important to create vairous backup files that should be stored in a secure and safe storage.

Creating revocation certificate

If you forget your passphrase to your master keypair or your master keypair gets stolen or compromised we need a way to revoke the certificate to inform the internet community that they should not be using this key anymore. Therefore we geberate a revocation certificate and store it in a secure place.

$ gpg2 --output FEB714863B310F5B.rev --gen-revoke 0xFEB714863B310F5B

sec  rsa4096/0xFEB714863B310F5B 2017-12-17 John Doe <john.doe@example.com>

Create a revocation certificate for this key? (y/N) y
Please select the reason for the revocation:
0 = No reason specified
1 = Key has been compromised
2 = Key is superseded
3 = Key is no longer used
Q = Cancel
(Probably you want to select 1 here)
Your decision? 0
Enter an optional description; end it with an empty line:
>
Reason for revocation: No reason specified
(No description given)
Is this okay? (y/N) y
ASCII armored output forced.
Revocation certificate created.

Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable.  But have some caution:  The print system of
your machine might store the data and make it available to others!

Exporting secret key, subkeys and public key

In the following steps we will be creating three different exports and represenations of your GPG keys.

  • Public Key: The public key represenation of your GPG key that must be distributed. This can be upload to keyservers and pasted on your websites.
  • Private key: Your master keypair and all associated subkey private keys. Must be stored offline and in a secure storage. This will be required if you need to sign other people keys, or if you want to create additional subkeys.
  • Private Subkeys: This is an export of all the associated subkey private keys, but without the master or Certify private key. This can be used imported on all devices you will be using daily with GPG.
$ gpg2 --export --armor 0xFEB714863B310F5B > FEB714863B310F5B.pub.asc
$ gpg2 --export-secret-keys --armor 0xFEB714863B310F5B > FEB714863B310F5B.priv.asc
$ gpg2 --export-secret-subkeys --armor 0xFEB714863B310F5B > FEB714863B310F5B.sub_priv.asc

Remove secret keys

finally remove all private keys from you local key ring for your GPG key.

gpg2 --delete-secret-key 0xFEB714863B310F5B
gpg (GnuPG) 2.2.3; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


sec  rsa4096/0xFEB714863B310F5B 2017-12-17 John Doe <john.doe@example.com>

Delete this key from the keyring? (y/N) y
This is a secret key! - really delete? (y/N) y

Checking backups

To ensure that our backups are correct we performing the following steps:

First we import our public key and confirm that this contains no private keys

$ gpg2 --import FEB714863B310F5B.pub.asc
gpg: key 0xFEB714863B310F5B: public key "John Doe <john.doe@example.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1

$ gpg2 --list-secret-keys 0xFEB714863B310F5B
gpg: error reading key: No secret key

Next we import out subkeys private keys:

$ gpg2 --import FEB714863B310F5B.sub_priv.asc
gpg: key 0xFEB714863B310F5B: "John Doe <john.doe@example.com>" not changed
gpg: To migrate 'secring.gpg', with each smartcard, run: gpg --card-status
gpg: key 0xFEB714863B310F5B: secret key imported
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1

$ gpg2 --list-secret-keys 0xFEB714863B310F5B
sec#  rsa4096/0xFEB714863B310F5B 2017-12-17 [C] [expires: 2022-12-16]
      Key fingerprint = B37F 23E6 393F CF17 E32C  3DF1 FEB7 1486 3B31 0F5B
uid                   [ unknown] John Doe <john.doe@example.com>
ssb   rsa4096/0x6413920E1406714D 2017-12-17 [S] [expires: 2018-12-17]
ssb   rsa4096/0x7DA08817ABA49747 2017-12-17 [E] [expires: 2018-12-17]
ssb   rsa4096/0x10960506DC109513 2017-12-17 [A] [expires: 2018-12-17

Note the sec# line, the # indicates that our secret key is not present and that a stub is currently in use. This is what we want, as we only want the private key material of the subkeys to be present.

Finally we import our full GPG key with all associated private keys

$ gpg2 --import FEB714863B310F5B.priv.asc
gpg: key 0xFEB714863B310F5B: "John Doe <john.doe@example.com>" not changed
gpg: key 0xFEB714863B310F5B: secret key imported
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
gpg:  secret keys unchanged: 1

$ gpg2 --list-secret-keys 0xFEB714863B310F5B
sec   rsa4096/0xFEB714863B310F5B 2017-12-17 [C] [expires: 2022-12-16]
    Key fingerprint = B37F 23E6 393F CF17 E32C  3DF1 FEB7 1486 3B31 0F5B
uid                   [ unknown] John Doe <john.doe@example.com>
ssb   rsa4096/0x6413920E1406714D 2017-12-17 [S] [expires: 2018-12-17]
ssb   rsa4096/0x7DA08817ABA49747 2017-12-17 [E] [expires: 2018-12-17]
ssb   rsa4096/0x10960506DC109513 2017-12-17 [A] [expires: 2018-12-17]

Notice the sec, line, the # is not present. This indicates that the master keypair private key is present in our local keyring.

If your backups conform to the above, then you have successfully created your GPG key.

Distributing public key

In order to allow other people to send you encrypted messages, we need to distribute our public key. This can be done in various ways, but the easiest method is to utilize the SKS keyserver network. We will submit our key to the SKS keyserver network by using the following command.

$ gpg --keyserver pool.sks-keyservers.net --send-keys 0xFEB714863B310F5B

Hardening GPG configuration

In order to increase the strength of our local GPG installation it is advised to review the below config file and replace your GPG config file located in ~/.gnupg/gpg.conf with the below recommended configuration file.

# Avoid information leaked
no-emit-version
no-comments
export-options export-minimal

# Displays the long format of the ID of the keys and their fingerprints
keyid-format 0xlong
with-fingerprint

# Displays the validity of the keys
list-options show-uid-validity
verify-options show-uid-validity

# Limits the algorithms used
personal-cipher-preferences AES256
personal-digest-preferences SHA512
default-preference-list SHA512 SHA384 SHA256 RIPEMD160 AES256 TWOFISH BLOWFISH ZLIB BZIP2 ZIP Uncompressed

cipher-algo AES256
digest-algo SHA512
cert-digest-algo SHA512
compress-algo ZLIB

disable-cipher-algo 3DES
weak-digest SHA1

s2k-cipher-algo AES256
s2k-digest-algo SHA512
s2k-mode 3
s2k-count 65011712

Securing communication with SKS keyserver pool

Download the CA certificate for the SKS keyserver pool by using the command

wget https://sks-keyservers.net/sks-keyservers.netCA.pem -O ~/.gnupg/sks-keyservers.netCA.pem
--2017-12-17 21:41:02--  https://sks-keyservers.net/sks-keyservers.netCA.pem
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving sks-keyservers.net... 37.191.226.104
Connecting to sks-keyservers.net|37.191.226.104|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1984 (1.9K)
Saving to: ‘/home/andrew/.gnupg/sks-keyservers.netCA.pem’

/home/andrew/.gnupg/sks-keyservers.netCA.pem         100%[=====================================================================================================================>]   1.94K  --.-KB/s    in 0s

2017-12-17 21:41:03 (89.2 MB/s) - ‘/home/andrew/.gnupg/sks-keyservers.netCA.pem’ saved [1984/1984]

Next we will obtain the signature of the SKS Keyserver CA certificate

wget https://sks-keyservers.net/sks-keyservers.netCA.pem.asc -O ~/.gnupg/sks-keyservers.netCA.pem.asc
--2017-12-17 21:41:33--  https://sks-keyservers.net/sks-keyservers.netCA.pem.asc
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving sks-keyservers.net... 37.191.226.104
Connecting to sks-keyservers.net|37.191.226.104|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 455 [text/plain]
Saving to: ‘/home/andrew/.gnupg/sks-keyservers.netCA.pem.asc’

/home/andrew/.gnupg/sks-keyservers.netCA.pem.asc     100%[=====================================================================================================================>]     455  --.-KB/s    in 0s

2017-12-17 21:41:34 (9.58 MB/s) - ‘/home/andrew/.gnupg/sks-keyservers.netCA.pem.asc’ saved [455/455]

Next we import Kristian Fiskerstrand public key 0x250B7AFED6379D85 who is the mainternainer and operator of the SKS keyserver network.

$ gpg2 --recv  0x250B7AFED6379D85
gpg: key 0x0B7F8B60E3EDFAE3: 7 duplicate signatures removed
gpg: key 0x0B7F8B60E3EDFAE3: 1126 signatures not checked due to missing keys
gpg: key 0x0B7F8B60E3EDFAE3: public key "Kristian Fiskerstrand <kristian.fiskerstrand@sumptuouscapital.com>" imported
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Total number processed: 1
gpg:               imported: 1

Now we are able to verify that the downloaded certificate has not been modified

$ gpg2 --verify ~/.gnupg/sks-keyservers.netCA.pem.asc ~/.gnupg/sks-keyservers.netCA.pem
gpg: Signature made Wed 30 Mar 2016 05:06:29 PM SAST
gpg:                using RSA key 0x250B7AFED6379D85
gpg: Good signature from "Kristian Fiskerstrand <kristian.fiskerstrand@sumptuouscapital.com>" [unknown]
gpg:                 aka "Kristian Fiskerstrand <kf@gnupg.net>" [unknown]
gpg:                 aka "Kristian Fiskerstrand <k_f@gentoo.org>" [unknown]
gpg:                 aka "Kristian Fiskerstrand <kf@sumptuouscapital.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 94CB AFDD 3034 5109 5618  35AA 0B7F 8B60 E3ED FAE3
     Subkey fingerprint: B4EA D120 C7F8 9A4A EA47  2707 250B 7AFE D637 9D85

Note that GPG indicates “Good signature”. Hence we can be fairly certain that his file has not been modified and that we have downloaded the correct and valid SKS keyserver CA certificate.

For more information on verifying the CA certificate refer to (https://sks-keyservers.net/verify_tls.php)[(https://sks-keyservers.net/verify_tls.php)]

To configure GPG to connect to the SKS keyserver pool over a secure connection we need to amend our gpg.conf file.

For GnuPG 1.4 and 2.0 installations this can be done by using the following parameters in gpg.conf:

~/.gnupg/gpg.conf:

keyserver hkps://hkps.pool.sks-keyservers.net
keyserver-options ca-cert-file=~/.gnupg/sks-keyservers.netCA.pem

GnuPG 2.1 users prior to version 2.1.11 (starting with this version the certificate is enabled by default for this pool) want to add the following in dirmngr.conf:

~/.gnupg/dirmngr.conf:

hkp-cacert ~/.gnupg/sks-keyservers.netCA.pem

Key Maintenance

Below are various maintenatnace tasks that can be performed on the GPG key. For below actions to be perfomed, you require access to your master key and the master key must be opened in edit mode.

Adding additional UID

If you acquire a new UID and want to to be able to receive encrypted mail to this UID, then you can add addidtional UID’s on your GPG key.

gpg> adduid
Real name: John Doe
Email address: john@doe.example
Comment:
You selected this USER-ID:
    "John Doe <john@doe.example>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: ultimate      validity: ultimate
ssb  rsa4096/0x6413920E1406714D
     created: 2017-12-17  expires: 2018-12-17  usage: S
ssb  rsa4096/0x7DA08817ABA49747
     created: 2017-12-17  expires: 2018-12-17  usage: E
ssb  rsa4096/0x10960506DC109513
     created: 2017-12-17  expires: 2018-12-17  usage: A
[ultimate] (1)  John Doe <john.doe@example.com>
[ultimate] (2). John Doe <john@doe.example>

We must now again distribute this changed GPG key. Easiest is to upload the changed key to the SKS keyserver network.

$ gpg --keyserver pool.sks-keyservers.net --send-keys 0xFEB714863B310F5B

Adding photo UID

GPG also allows on to add a photo UID to a key, it is however recommend to use a low resolution and small sized jpeg file as this informaion will be embedded in the public key part of your GPG certificate which can increase the size of the public key significantly.

gpg> addphoto

Pick an image to use for your photo ID.  The image must be a JPEG file.
Remember that the image is stored within your public key.  If you use a
very large picture, your key will become very large as well!
Keeping the image close to 240x288 is a good size to use.

Enter JPEG filename for photo ID: /home/andrew/profile.jpg
Is this photo correct (y/N/q)? y

sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: unknown       validity: unknown
ssb  rsa4096/0x6413920E1406714D
     created: 2017-12-17  expires: 2018-12-17  usage: S
ssb  rsa4096/0x7DA08817ABA49747
     created: 2017-12-17  expires: 2018-12-17  usage: E
ssb  rsa4096/0x10960506DC109513
     created: 2017-12-17  expires: 2018-12-17  usage: A
[ultimate] (1). John Doe <john.doe@example.com>
[ultimate] (2)  [jpeg image of size 3564]

In case of emergency

In case the you master key is lost or compormosied we need to revoke the key.

Lost access to work with private key

If you are unable to access your private key, because it has been lost, compromised or you forgot your password, the revocation certificate we created earlier can be used to revoke the key.

First step to revoke your GPG key is to import the revocation certificate into your local keyring.

$ gpg2 --import FEB714863B310F5B.rev
gpg: key 0xFEB714863B310F5B: "John Doe <john.doe@example.com>" revocation certificate imported
gpg: Total number processed: 1
gpg:    new key revocations: 1
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u

Next we confirm the correct key has been revoked.

$ gpg2 --list-keys 0xFEB714863B310F5B
/home/andrew/.gnupg/pubring.kbx
-------------------------------
pub   rsa4096/0xFEB714863B310F5B 2017-12-17 [C] [revoked: 2017-12-17]
      Key fingerprint = B37F 23E6 393F CF17 E32C  3DF1 FEB7 1486 3B31 0F5B
uid                   [ revoked] John Doe <john.doe@example.com>
uid                   [ revoked] [jpeg image of size 3564]

Once it has been confirmed that the correct key has been revoked, we must distribute the changed GPG key. Easiest is to upload the changed key to the SKS keyserver network.

$ gpg --keyserver pool.sks-keyservers.net --send-keys 0xFEB714863B310F5B

Revoke interactively

If you sill have access to the master keypair we are then able to choose which keys to revoke, as well as the reason for the revocation.

Import he private key into your local keyring.

gpg2 --import FEB714863B310F5B.priv.asc
gpg: key 0xFEB714863B310F5B: public key "John Doe <john.doe@example.com>" imported
gpg: key 0xFEB714863B310F5B: secret key imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1

In the example below we revoke all subkeys, but any combination can be done, we can either revoke the master keypair, or we can revoke one or more subkeys.

$ gpg2 --expert --edit-key 0xFEB714863B310F5B
gpg (GnuPG) 2.2.3; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: unknown       validity: unknown
ssb  rsa4096/0x6413920E1406714D
     created: 2017-12-17  expires: 2018-12-17  usage: S
ssb  rsa4096/0x7DA08817ABA49747
     created: 2017-12-17  expires: 2018-12-17  usage: E
ssb  rsa4096/0x10960506DC109513
     created: 2017-12-17  expires: 2018-12-17  usage: A
[ unknown] (1). John Doe <john.doe@example.com>

gpg> key 1

sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: unknown       validity: unknown
ssb* rsa4096/0x6413920E1406714D
     created: 2017-12-17  expires: 2018-12-17  usage: S
ssb  rsa4096/0x7DA08817ABA49747
     created: 2017-12-17  expires: 2018-12-17  usage: E
ssb  rsa4096/0x10960506DC109513
     created: 2017-12-17  expires: 2018-12-17  usage: A
[ unknown] (1). John Doe <john.doe@example.com>

gpg> key 2

sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: unknown       validity: unknown
ssb* rsa4096/0x6413920E1406714D
     created: 2017-12-17  expires: 2018-12-17  usage: S
ssb* rsa4096/0x7DA08817ABA49747
     created: 2017-12-17  expires: 2018-12-17  usage: E
ssb  rsa4096/0x10960506DC109513
     created: 2017-12-17  expires: 2018-12-17  usage: A
[ unknown] (1). John Doe <john.doe@example.com>

gpg> key 3

sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: unknown       validity: unknown
ssb* rsa4096/0x6413920E1406714D
     created: 2017-12-17  expires: 2018-12-17  usage: S
ssb* rsa4096/0x7DA08817ABA49747
     created: 2017-12-17  expires: 2018-12-17  usage: E
ssb* rsa4096/0x10960506DC109513
     created: 2017-12-17  expires: 2018-12-17  usage: A
[ unknown] (1). John Doe <john.doe@example.com>

gpg> revkey
Do you really want to revoke the selected subkeys? (y/N) y
Please select the reason for the revocation:
  0 = No reason specified
  1 = Key has been compromised
  2 = Key is superseded
  3 = Key is no longer used
  Q = Cancel
Your decision? 1
Enter an optional description; end it with an empty line:
>
Reason for revocation: Key has been compromised
(No description given)
Is this okay? (y/N) y

sec  rsa4096/0xFEB714863B310F5B
     created: 2017-12-17  expires: 2022-12-16  usage: C
     trust: unknown       validity: unknown
The following key was revoked on 2017-12-17 by RSA key 0xFEB714863B310F5B John Doe <john.doe@example.com>
ssb  rsa4096/0x6413920E1406714D
     created: 2017-12-17  revoked: 2017-12-17  usage: S
The following key was revoked on 2017-12-17 by RSA key 0xFEB714863B310F5B John Doe <john.doe@example.com>
ssb  rsa4096/0x7DA08817ABA49747
     created: 2017-12-17  revoked: 2017-12-17  usage: E
The following key was revoked on 2017-12-17 by RSA key 0xFEB714863B310F5B John Doe <john.doe@example.com>
ssb  rsa4096/0x10960506DC109513
     created: 2017-12-17  revoked: 2017-12-17  usage: A
[ unknown] (1). John Doe <john.doe@example.com>

gpg> save

We must now again distribute this changed GPG key. Easiest is to upload the changed key to the SKS keyserver network.

$ gpg --keyserver pool.sks-keyservers.net --send-keys 0xFEB714863B310F5B