Gentoo Archives: gentoo-doc-cvs

From: "Joshua Saddler (nightmorph)" <nightmorph@g.o>
To: gentoo-doc-cvs@l.g.o
Subject: [gentoo-doc-cvs] gentoo commit in xml/htdocs/doc/en: gnupg-user.xml
Date: Wed, 14 Nov 2012 00:02:49
Message-Id: 20121113231119.A00E920C65@flycatcher.gentoo.org
1 nightmorph 12/11/13 23:11:19
2
3 Modified: gnupg-user.xml
4 Log:
5 update gnupg guide for bug #443016. updated key generation process and gpg-agent/pinentry instructions.
6
7 Revision Changes Path
8 1.52 xml/htdocs/doc/en/gnupg-user.xml
9
10 file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/gnupg-user.xml?rev=1.52&view=markup
11 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/gnupg-user.xml?rev=1.52&content-type=text/plain
12 diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/gnupg-user.xml?r1=1.51&r2=1.52
13
14 Index: gnupg-user.xml
15 ===================================================================
16 RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/gnupg-user.xml,v
17 retrieving revision 1.51
18 retrieving revision 1.52
19 diff -u -r1.51 -r1.52
20 --- gnupg-user.xml 31 Oct 2012 18:44:41 -0000 1.51
21 +++ gnupg-user.xml 13 Nov 2012 23:11:19 -0000 1.52
22 @@ -1,6 +1,6 @@
23 <?xml version='1.0' encoding="UTF-8"?>
24 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
25 -<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/gnupg-user.xml,v 1.51 2012/10/31 18:44:41 swift Exp $ -->
26 +<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/gnupg-user.xml,v 1.52 2012/11/13 23:11:19 nightmorph Exp $ -->
27
28 <guide>
29 <title>GnuPG Gentoo User Guide</title>
30 @@ -14,6 +14,9 @@
31 <author title="Editor">
32 <mail link="swift@g.o">Sven Vermeulen</mail>
33 </author>
34 +<author title="Editor">
35 + <mail link="nightmorph"/>
36 +</author>
37
38 <abstract>
39 This small guide will teach you the basics of using GnuPG, a tool for secure
40 @@ -24,8 +27,8 @@
41 <!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
42 <license/>
43
44 -<version>3</version>
45 -<date>2012-10-31</date>
46 +<version>4</version>
47 +<date>2012-11-13</date>
48
49 <chapter>
50 <title>Introduction</title>
51 @@ -93,17 +96,17 @@
52 under certain conditions. See the file COPYING for details.
53
54 Please select what kind of key you want:
55 - (1) DSA and ElGamal (default)
56 - (2) DSA (sign only)
57 - (4) ElGamal (sign and encrypt)
58 - (5) RSA (sign only)
59 + (1) RSA and RSA (default)
60 + (2) DSA and Elgamal
61 + (3) DSA (sign only)
62 + (4) RSA (sign only)
63 Your selection? <i>1</i>
64 </pre>
65
66 <p>
67 Here you can choose the type of key you want to use. Most users will go for the
68 -default DSA and ElGamal. Next is the key size - remember that bigger is better
69 -but don't use a size larger than 2048 with DSA/ElGamal keys. Generally 1024 is
70 +default RSA and RSA. Next is the key size - remember that bigger is better
71 +but don't use a size larger than 2048 with DSA/ElGamal keys. Generally 2048 is
72 more than enough for normal email.
73 </p>
74
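Review bot: In the paragraph under the menu, the default is now "RSA and RSA", but the next sentence still reads "don't use a size larger than 2048 with DSA/ElGamal keys", so the size advice no longer applies to the key type the reader has just selected. Reword it for RSA (the key size prompt later in this patch allows 1024 to 4096 bits) and keep the DSA/ElGamal limit only as an aside for readers who pick option 2. As written, "Generally 2048 is more than enough" sits directly after a DSA/ElGamal warning and it is unclear which algorithm it refers to.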
75 @@ -112,13 +115,10 @@
76 go for a key that never expires or to something like 2 or 3 years.
77 </p>
78
79 -<pre caption="Choosing key size" >
80 -DSA keypair will have 1024 bits.
81 -About to generate a new ELG-E keypair.
82 - minimum keysize is 768 bits
83 - default keysize is 1024 bits
84 - highest suggested keysize is 2048 bits
85 - What keysize do you want? (1024) <i>2048</i>
86 +<pre caption="Choosing key size">
87 +RSA keypair will have 1024 bits.
88 +RSA keys may be between 1024 and 4096 bits long.
89 + What keysize do you want? (2048) <i>2048</i>
90 Requested keysize is 2048 bits
91 Please specify how long the key should be valid.
92 0 = key does not expire
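Review bot: The added line "RSA keypair will have 1024 bits." contradicts the rest of this sample output, where the prompt default is "(2048)" and the result is "Requested keysize is 2048 bits". It reads like the removed "DSA keypair will have 1024 bits." line with only the algorithm name swapped. Drop it so the listing starts at "RSA keys may be between 1024 and 4096 bits long." and the sizes shown are consistent.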
93 @@ -139,9 +139,7 @@
94 <pre caption="Entering user information" >
95 Is this correct (y/n)? <i>y</i>
96
97 -You need a User-ID to identify your key; the software constructs the user id
98 -from Real Name, Comment and Email Address in this form:
99 -"Heinrich Heine (Der Dichter) &lt;heinrichh@×××××××××××.de&gt;"
100 +GnuPG needs to construct a user ID to identify your key.
101
102 Real name: <i>John Doe</i>
103 Email address: <i>john@×××××××××××××××××.flick</i>
104 @@ -157,8 +155,8 @@
105
106 <p>
107 Now enter your key passphrase twice. It is a good idea to use a strong password.
108 -If someone ever gets hold of your private key and cracks your password, they
109 -will be able to send messages signed by "you", making everyone believe the mails
110 +If someone ever gets hold of your private key and cracks your password, they
111 +will be able to send messages signed by "you", making everyone believe the mails
112 were sent by you.
113 </p>
114
115 @@ -366,13 +364,13 @@
116 <p>
117 Now that you have your key, it is probably a good idea to send it to the world
118 key server. There are a lot of keyservers in the world and most of them exchange
119 -keys between them. Here we are going to send John Doe's key to the subkeys.pgp.net
120 -server. This uses HTTP, so if you need to use a proxy for HTTP traffic don't
121 -forget to set it (<c>export http_proxy=http://proxy_host:port/</c>). The command
122 -for sending the key is: <c>gpg --keyserver subkeys.pgp.net --keyserver-options
123 -honor-http-proxy --send-key 75447B14</c> where <c>75447B14</c> is the key ID.
124 -If you don't need a HTTP proxy you can remove the <e>--keyserver-options
125 -honor-http-proxy</e>.
126 +keys between them. Here we are going to send John Doe's key to the
127 +subkeys.pgp.net server. This uses HTTP, so if you need to use a proxy for HTTP
128 +traffic don't forget to set it (<c>export
129 +http_proxy=http://proxy_host:port/</c>). The command for sending the key is:
130 +<c>gpg --keyserver subkeys.pgp.net --keyserver-options honor-http-proxy
131 +--send-key 75447B14</c> where <c>75447B14</c> is the key ID. If you don't need
132 +a HTTP proxy you can remove the <e>--keyserver-options honor-http-proxy</e>.
133 </p>
134
135 <p>
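Review bot: The reflowed paragraph now puts a line break inside an inline command ("<c>export" on one line, "http_proxy=http://proxy_host:port/</c>" on the next), and the gpg --send-key command is still wrapped in the middle of its options. Since the paragraph is being rewrapped anyway, move both commands into a <pre caption="..."> listing like the others in this guide and keep only the explanation in the <p>, so readers can copy them in one piece. While touching this text, "a HTTP proxy" should be "an HTTP proxy".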
136 @@ -449,7 +447,7 @@
137 </p>
138
139 <p>
140 -Gentoo provides a few GPG agent applications. The <c>app-crypt/gnupg-1.9.*</c>
141 +Gentoo provides a few GPG agent applications. The <c>app-crypt/gnupg</c>
142 package contains what could be considered the reference one, and will be the
143 one we'll use in this document.
144 </p>
145 @@ -457,30 +455,41 @@
146 </body>
147 </section>
148 <section>
149 -<title>Installing and Configuring gpg-agent and pinentry</title>
150 +<title>Configuring gpg-agent and pinentry</title>
151 <body>
152
153 <p>
154 -You should install <c>gnupg-1.9.*</c>, which includes <c>gpg-agent</c>, and
155 -<c>pinentry</c>. <c>pinentry</c> is the helper application that gpg-agent uses
156 -to request the passphrase in a graphical window. It comes in three flavors: it
157 -can popup a window using the gtk+, Qt, or curses library (depending on the USE
158 -flag you set when emerging it).
159 +GnuPG includes <c>gpg-agent</c> and <c>pinentry</c>. <c>pinentry</c> is the
160 +helper application that gpg-agent uses to request the passphrase in a graphical
161 +window. It comes in three flavors: it can popup a window using the gtk+, Qt, or
162 +curses library (depending on your USE flags in
163 +<path>/etc/portage/make.conf</path>).
164 +</p>
165 +
166 +<p>
167 +If you installed <c>pinentry</c> with more than one popup window type, you can
168 +choose between them with <c>eselect-pinentry</c>:
169 </p>
170
171 -<pre caption="Installing gpg-agent and pinentry">
172 -# <i>emerge \>=gnupg-1.9.20 pinentry</i>
173 +<pre caption="Switching popup windows">
174 +# <i>eselect pinentry list</i>
175 +Available pinentry implementations:
176 + [1] pinentry-gtk-2 *
177 + [2] pinentry-curses
178 + [3] pinentry-qt4
179 +
180 +# <i>eselect pinentry set 1</i>
181 </pre>
182
183 <p>
184 -Next, create a file called <path>~/.gnupg/gpg-agent.conf</path> and enter the
185 +Now create a file called <path>~/.gnupg/gpg-agent.conf</path> and enter the
186 following lines which define the default timeout of the passphrase (e.g. 30
187 minutes) and the application to be called for when the passphrase should be
188 -retrieved the first time (e.g. the Qt version of pinentry).
189 +retrieved the first time (e.g. the gtk+ version of pinentry).
190 </p>
191
192 <pre caption="Editing ~/.gnupg/gpg-agent.conf">
193 -pinentry-program /usr/bin/pinentry-qt
194 +pinentry-program /usr/bin/pinentry-gtk-2
195 no-grab
196 default-cache-ttl 1800
197 </pre>
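Review bot: The updated line "pinentry-program /usr/bin/pinentry-gtk-2" hard-codes one implementation immediately after the new text tells readers to choose one with "eselect pinentry set 1", so for anyone who follows both steps gpg-agent ignores the eselect choice. Point the option at the eselect-managed /usr/bin/pinentry, or drop the line, so the two steps agree. Separately, "GnuPG includes gpg-agent and pinentry" conflicts with the removed emerge line, which listed pinentry as its own package, and with "If you installed pinentry" in the next paragraph; now that the install step is gone, the text should say where pinentry comes from.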
198 @@ -505,10 +514,10 @@
199 <body>
200
201 <p>
202 -If you use KDE as graphical environment, edit
203 +If you use KDE as your graphical environment, edit
204 <path>/etc/kde/startup/agent-startup.sh</path> and uncomment the following
205 -(system-wide) or <path>~/.kde4/env/gpg-agent.sh</path> (local user) and add
206 -the following command to it to have KDE automatically starting the GPG agent:
207 +(system-wide) or <path>~/.kde4/env/gpg-agent.sh</path> (local user) and add the
208 +following command to it to have KDE automatically starting the GPG agent:
209 </p>
210
211 <pre caption="Make KDE automatically start the GPG agent">