Download IES Virtual Environment 6.4 Full Cracked ProgramsSoftware Crack, Cracked, Cracks, Serial, Key, Activation, Latest Version for PC, Mac and Linux. Mar 17, 2018 withwith youwithoutwithout youwithdrawwithinwithania somniferawither meaningwithholding taxwithout brawithdrawal slipwithdraw pf onlinewithout you lyrics 0fea0b1dc0.
This guide is intended to enable an experienced technical user to securely generate GPG keys, back them up, and put them on smartcards.
The version of GPG used in this guide is
1.4.12-7
from Debian's wheezy/main repository.Caveats
As with many things, this guide has limitations.
The author is a Debian user, so all the specific instructions are based on Debian 7.x. If you use a different version of Debian or Debian-like OS such as Ubuntu or Mint, things might just work for you unchanged. If you’re an OSX user you might need to change something here or there. Unfortunately, the author is not able to provide advice for Windows.
This guide is targeted at a technically experienced user. It focuses on use of the terminal, not on graphical applications. Sadly, this makes it inaccessible to a lot of people. At the time of writing, GPG is not a very user-friendly piece of software, and there aren't many graphical frontends which both work well and support the advanced usage scenario described in this guide. If you find an application which works and is compatible with this guide, please get in touch: the author would love to hear from you!
If you try this guide and it doesn’t work for you, please email the author and tell them what broke! If you use OSX or Windows, you are invited to port this guide for your OS, and to let the author know what the right instructions are for you.
License
The license for this work is Creative Commons Attributuion-ShareAlike-3.0 USA. You are welcome to re-use it under that license, but the author requests that you send changes upstream by email or pull request rather than forking outright.
Target Setup
This is a guide for setting up a master key with three specific subkeys, backed up, and stored on smartcards. If you follow this guide through, you should end up with:
- backups of your GPG master key & subkeys on removable storage,
- a smartcard with your GPG master key, to use when certifying other people's keys,
- a smartcard with your everyday keys,
- your main computer set up and ready to use GPG, but without any private keys,
- revocation certificates stored in a safe place.
Materials
You may want to get some things ready before following this guide. To follow all the steps, you'll need:
- Your main computer: the one that you use everyday and want to use GPG on.
- A 'secure' computer, whatever that means.
- Two smartcard(s) and readers for them.
- Some storage for your master key and backups: a handful of flash drive(s), and perhaps a printer.
- A hardware random number generator, if you have one.
Environment/Preparation
Cryptography is only a secure as the computer that's running it. If your private keys are stored on a computer which is compromised, the attacker can decrypt your messages, make valid signatures, or impersonate you. One of the goals of the setup described here is that you never end up showing your private keys to your everyday computer. Even if your everyday computer is compromised, an attacker won't get your private keys.
However, you do need to use a computer to generate your keys and you might need to use a computer to recover if something goes wrong. For these higher-stakes operations, it's worthwhile to use a computer which is as secure as possible, even if that means that your more-secure computer is a little harder to use.
Securing a computer is really difficult. The more secure you want a computer to be, the more work it'll be to set that up, and -- probably -- the fewer features that computer will have and the harder it'll be to use. The amount of work you want to spend securing a computer depends on who you think might be trying to get at your keys, and how capable, organized, and powerful they are.
Threat modeling is the process of thinking about what attacks you might expect and how much work you want to spend mitigating those attacks. Once you've thought about your threat model, you can pick the right secure computer for you. From now on, this guide just talks about your 'secure computer', whatever that means to you.
Getting Started
Boot up your secure computer. Turn off any network connections, unplug any non-vital peripherals and check that nobody is watching over your shoulder: it's time to make some keys.
A note on entropy. Really good random numbers are needed to generate keys securely. We're not talking kinda unpredictable, we're talking about all-natural, organic, shade-grown, entropy. If you don't have good entropy, someone else might be able to guess your key, and that'd be really bad. If you have one, now is the time to set up your hardware random number generator. If not, you probably don't need to worry: key generation will just take a little longer while your computer gathers entropy. If you're using a virtual machine, or another prefab environment you should definitely worry about this
Okay, grab yourself your favorite terminal. Let's get started.
Initial Configuration
Some of the options in GPG's config file influence the parameters used when generating keys. Edit your
~/.gnupg/gpg.conf
to add the following lines. Make sure to remove any similar directives which are already there. If you like, back up your current config file and decide which parameters to choose later when we discuss gpg.conf
in more depth. For now, you can safely just cargo cult this:Key Type and Capabilities
amnesia@amnesia:~$ gpg --expert --gen-key
The
expert
flag tells GPG that you might want to do something complex, and gives you more options (some of which you can get wrong). Don't worry though: you're following this guide, so you're an expert. The gen-key
command tells GPG that we want to generate a new set of keys. GPG should reply with something like this:That's a lot of options. Those last two are only there because we're in
expert
mode. There are two things that GPG is asking right now:- What asymmetric-key algorithm do yo want to use? Your options are RSA, DSA, or Elgamal.
- What capabilities do you want your key to have? Wait, what's a capability?
Capabilities are things that a key can do. GPG thinks of four capabilities, four different cryptographic applications of the same type of key:
- Certify. This is where you 'sign' someone else's key: promising that you know that a key really belongs to the person it says it does.
- Sign. This is where you make an unforgeable 'signature' on a file, document, or so on. Anyone can verify that only you could have signed it.
- Encrypt. Other people can encrypt messages to this key, and only you can decrypt them. Should probably be called 'decrypt' instead.
- Authenticate. You can use this key to prove that you are who you claim. particularly useful when logging on to remote servers.
For various reasons related to the perceived strength of the ciphers, and the ways that they break when they fail, we're going to pick RSA keys. All RSA, all the time.
We're going to define our capabilities manually for the master key and some subkeys, so let's pick the last option.
Your selection? 8
GPG will now ask you to pick capabilities for your master key, asking something like this:
We're going to keep our master key in cold storage most of the time, probably on a USB drive or two stored in safe places. Our master key will be the 'glue' that sticks our other keys together, binds them to our identity/ies, but won't be used for everyday tasks. It's always a good idea to pick the minimal set of capabilities.
Sadly the OpenPGP standard and GPG in particular requires that a master key has the
Certify
capability, and simply doesn't allow subkeys to have that capability. There's no way around this, so we have to leave the Certify
capability in place, and we'll use this master key every time we want to certify other people's keys. Many smartcards won't accept a key which doesn't have one of the sign/authenticate/encrypt capabilities. Since we want to put the master key on a smartcard, let's leave the Sign
capability too.Key Size
Now GPG will ask you how big a key you would like:
GPG's suggested default is 2048 bits. With crypto keys, bigger is always more secure, so your gut reaction should be to pick 4096 bits. Unfortunately, may smartcards don't support keys larger than 3072 bits, so let's pick that size. There's no very good reason for that particular limit, but that's definitely what it is.
You may be wondering why we're going to all this trouble to generate this key on a computer rather than on the smartcard itself. If we generate the key on a computer first, then we can keep a backup on removable media. If your smart card later gets left on a bus or run over by one, you have a backup. You can copy it to a new smartcard and pick up where you left off.
What keysize do you want? (2048) 3072
Expiration Date
We need to decide when this key should expire.
'Author,' -- you might be thinking -- 'this is a pretty involved process, and I don't want to do it very often. Why would I want my key to expire.' Good question, hypothetical straw-person reader. You're quite right: it really would be better if this key never expires. But even as we hope for the best, we should prepare for the worst.
Imagine some hypothetical future you. You use your key all the time, and loads of folks rely on it. Then: disaster strikes! You are attacked by a ninja clan, who (mistakenly?) think that you're a pirate sympathizer. They destroy all your computers, all your backups, everything. For good measure, they thwack you on the head and make you forget all your passwords and other secret plans. Now you have a problem: you've lost you key, but it's still valid. Other people might even send you encrypted messages or expect you to sign or authenticate things with it. Even if you create a new key, there's nothing to stop some poor confused soul from using your old, destroyed key by accident. Oh dear.
We're going to use expiration in an attempt to stave off this dire scenario, sort of like a dead-person's switch. When you set an expiry date on you key, in the event of scenario NINJA OBLIVION OMEGA, eventually the lost key will expire and people will stop trying to use it. However, in the RAINBOWS BUTTERFLIES UNICORNS situation, you're fine. If you still control the key, then you can always postpone the expiry date, even if it's already passed. Eerie, perhaps but useful.
With all that in mind, pick a time. The longer the time is, the longer someone might accidentally use a lost key. The shorter the time, the more frequently you'll have to get out your master-key smartcard and and push back the clock. Remember your threat model? Let it guide you.
Keyserverless usage note. If you don't want to use keyservers, remember that you still have to distribute your key after you change its expiry date. If that's going to be especially difficult for you, consider that when picking a time.
For most folks, a six months is a perfectly reasonable period.
User IDs
Now you need to tell GPG who you think you are:
Oh my. Gentle reader, you may ask: 'What is this madness?! Why does GPG want to know who I am; is it part of The System?'. This is probably a good time to talk about identities, and what on earth they mean.
When you use GPG, you're probably trying to communicate with people. Fundamentally, you don't really care whether you're encrypting to a particular key. What you want is to know that you're encrypting to a particular person's key. You want that person to be able to read the message, and nobody else. This is what user IDs (UIDs) are all about. A UID is an identifier which indicates a particular person by name and address. In theory, an address could be any way to reach someone, like 'subspace channel 23571, towards relay station twelve'. In practice, OpenPGP and GPG only understand email addresses and things that look like email addresses.
Think of the name that everyone knows you by, and the address that you tell people when you actually want them to email you. Those are probably the best options to put here. Don't enter a comment, you will only ever regret it. Again, nyms are a complicated topic.
Passphrase
Your passphrase is used to encrypt your key when it's stored on disk. This prevents someone who gets access to your secret keyring from using your key. You want to pick a passphrase so incredibly complex that a nobody will ever guess it, even if they use a computer to try guessing words and combinations of words, and so on. You also want a passphrase so simple and memorable that you'll never forget it. That sounds pretty tough. This isn't a guide to passphrases. What's your threat model again? GPG won't echo your passphrase back as you type it.
Wait for Entropy
Now that you've filled out GPG's standard application form (in triplicate), your computer is actually going to generate some keys. About time.
What is this? Well, this could take a little while. Perhaps go get some tea?
Ugh, a few more minutes. If we had a random number generator, this would be a lot easier.
Back up
Now your master key is available. You want to export it up to some secure media and then never speak of it again. Every time a computer has access to your master key, that's a chance for everything to go wrong. We're going to export it to cold storage, and then test to make sure that we actually did that right.
That string of eight letters and numbers at the end is the key ID, a short way to refer to this master key, all it's UIDs, signatures, any subkeys, or other stuff it might pick up over time. It's the last eight character of the key's fingerprint, which GPG just told you when it completed generating your key. Key IDs aren't securely unique, but that doesn't matter right now.
The
armor
signal tells GPG to write an 'ASCII-armored' text file, rather than a binary one. The output
parameter specifies the filename to save the keys to. The export-secret-keys
command does just what it sounds like: it exports secret keys, but not the public parts. The regular export
command only exports public keys, for your safety and convenience. Note that the GPG command always comes last, after all its flags and parameters. Just for safe keeping, let's make some backups.If you want to make a paper backup, you could print one of those 'ASCII-armored' export files. If you ever have to use it, you'll have a fun job typing all that back in. There's probably a good way to use a 2D barcode. Paper backups are left as an exercise to the reader.
The key is only as secure as the least safe place that you have it backed up. If you export it to an unencrypted removable drive and someone else gets their hands on that drive, only the complexity of your passphrase is standing between them and total control of your key.
Back off
Okay, now you've probably exported your key to some safe cold-storage. I say probably because let's just make sure, eh? Delete your secret keyring and make sure you can get your keys back from the backups you just made
rm ~/.gnupg/secring.gpg
If you're using something like TAILS, rebooting is a great idea, but remember to edit your
gpg.conf
again after you boot back up. Once you've rebooted, try to re-import the master key from that backup you just made.All that stuff about
secret keys imported
: that's GPG telling us that it managed to retrieve the files. To be on the safe side, delete your keyring/reboot, and test the other two backups just the same way.Okay, great! We have a master key. You can drink that cup of tea now, you've earned it! Maybe even a biscuit too. While you're waiting for it to brew, go put your cold storage and your backups somewhere safe. If all goes well, you'll never need to touch them again.
This next section is all about smartcards. Smartcards are designed to securely store cryptographic keys without ever revealing them. When you use a smartcard, all the crypto happens on the card itself. Your computer sends the smartcard a message like 'Please decrypt this file.' and the smartcard does the decryption and sends back the plaintext without ever revealing the secret key.
Unfortunately, most smartcards and readers are proprietary. That means that it's really hard to audit them to ensure that they're truly secure and don't have any backdoors. It's totally plausible that some smarcards might have bugs that allow timing attacks, and perhaps some even have backdoors which will allow them to divulge the secret key.
For safety's sake, you might want to assume that your smartcard has a backdoor or vulnerability and treat it like a (less-secure) USB thumb drive. On the bright side, your card might actually be secure and give you an extra layer of insualtion against attackers!
You can think long and hard about which smartcard you want, and who you trust to make them safely. For now, let's assume that you've picked a smartcard and reader, and have them ready to go. The GPG manual has some instructions for setting up your computer to use a smartcard and reader.
Smartcard Setup
First, let's take a look at your smartcard, and check that it works.
amnesia@amnesia:~$ gpg --card-edit
You should see something like this:
If you don't, make sure that GPG is set up to use your smartcard. Perhaps check the GPG manual pages on the topic. If you find another guide which is better for your smart card, please send it over.
If GPG can see your card, you can set it up. Let's turn on admin mode so that we can make changes.
Authorization PINs
Before setting up the PINs for your smartcard, it is important to have a safe place to store them. A password manager may help you generate, store (and label) each of the three PINs (admin PIN, user PIN, and reset code) we'll be setting up. Some of the commands we'll be using may 'time out' abruptly and force you to start over in entering a new PIN if you take slightly too long to type it, so it is recommended that you choose what these three PINs will be ahead of time. A password manager will help you do that.
The default user PIN is
123456
and the default admin PIN is 12345678
. Let's start by changing these.The admin PIN is used to make changes to the card, while the user PIN actually lets the card decrypt or sign things using the onboard keys. If you (or some malicious outsider) enters the user PIN wrong three times, the card is locked, and the Admin PIN is needed to unlock it. If you use a GSM cellphone, this is somewhat like your SIM card's PIN and PUK codes. Entering an incorrect admin PIN three times destroys the card. You probably want to avoid that.
The admin PIN isn't used every day, and you only need it to reconfigure the card or fix it if you mess up your PIN. It doesn't need to be something you can remember, just find when all else fails. It's probably a good idea to use the longest admin PIN your card accepts (in this example, 32 digits long). You should probably write the admin PIN down a text file on your master key cold storage and backup disks.
Now change the user PIN. This is the PIN that you'll enter every time you use the card. This first card is just for your master key which you'll only use for certification. That doesn't happen very often, so feel free to pick a long user PIN, as long as you record it somewhere safe or don't forget it.
You should also set a reset code. The reset code is useful in case you have forgotten both the admin and user PINs. It tells the card to completely reset itself, deleting all the keys, and returning to the factory configuration. Since you have backups of everything, this helps avoid turning your fancy smartcard into a useless piece of plastic.
All done here.
Personal Attributes
You can also set some personal attributes. Many of them do very little in practice, though
login
can have a use.The
login
attribute specifies your typical username on servers where you might authenticate yourself using a key. The url
attribute specifies a place where someone could find your public key online. There's no need to put it there right now, but you can pick the URL with the intent to put it there later.You don't need to set these, but if you do, you might end up with something a little like this.
When you're done:
gpg/card> quit
The Key Editor
This is GPG's key-editing setup, and there are lots of things you can do from here. There are loads of commands, and you can see them all if you ask for some
help
. Let's walk through what you're being shown here then put your master key on a smartcard.'Secret key is available.' means exactly what it says on the tin. It's possible to use the
edit-key
command when you don't have the secret key available, but anything that requires the secret key won't work, obviously.The next line tells us that this is a 3072-bit RSA key, and that the key ID (last eight characters of the fingerprint) are
CDCD72AF
. Your key ID (and fingerprint) will be different. The creation time and expiry time should just be today's date and that plus a bit (six months, in this case). Ada is a well-known time-traveler. Usage tells us that this key has the Sign
and Certify
capabilities.Trust and validity are concepts related to the web of trust, and GPG's work to determine if a key really belongs to the person it says it does.
The next line is the key's UID. There's just one, but it has a little
(1)
beside it anyway, just in case some others show up.Smartcard Export
Your smartcard is ready for use and it's time to move your master key over. When you move a key to a smartcard, GPG deletes that private key from your keyring, and replaces it with a a stub noting that the key is actually on a particular smartcard. That's how GPG knows to prompt you for a card rather than just assuming that the key is unusable without its private parts.
First we need to toggle to the secret key listing.
Then we send it to the card. This can't be undone! Make sure that you've already made your backups, because there's no way to get the secret key back once you've sent it to the card. It sure would be a pity to go to all this trouble only to break the card in a freak balooning accident.
GPG is skeptical, but this is really what you want to do.
GPG will prompt you for your passphrase then the card's admin PIN. Do try to enter them correctly. If you do, you should see something like this:
That little note with the card number means that GPG knows that the key is stores on the smartcard. Success! Save your changes and quit.
gpg> save
We have a master key on a smartcard. Fantastic. Now it's time to to generate some subkeys with the
Sign
, Encrypt
(really decrypt), and Authenticate
capabilities and put them on a different smartcard. Then we'll polish things up and make any other tweaks this key needs.amnesia@amnesia:~$ gpg --expert --edit-key CDCD72AF
Additional UIDs
There are some other changes or tweaks that require the master key's signature. We should make those now.
Perhaps you want to include a work email address as another UID:
Photo UIDs
You could also add a photo:
After you've made the changes you want, you should be left with something like this:
Now it's time to make some subkeys. These are the keys you'll be using every day. We're going use a smartcard to store your everyday keys so that you don't actually need to tell your everyday computer what their secret parts are.
Subkey Type, Capabilities, & Size
gpg> addkey
Once you type in your passprase, GPG gives us the full list of options since we're in
expert
mode again.We're all RSA all the time. We're going to assign capabilities manually, so pick the final option just like last time.
Your selection? 8
We're going to use a different key for each capability. GPG defaults to
Sign Encrypt
for RSA subkeys:Disable the
Encrypt
capability, and continue:Again, we need to pick the size for this key:
Since smartcards only go up to 3072 bits, that's our maximum.
Subkey Expiry
Unlike a master key which is rather a hassle to replace, you can rotate subkeys relatively regularly by generating new ones and revoking the old ones. Other folks who update your key from a keyserver should be able to switch over to the new one without even noticing that they did. This is more difficult if you choose not to use keyservers.
Since you're using a smartcard, you might not want your subkeys to expire: you can just keep using them until something goes wrong, and generate new ones then. If you're not using a smartcard, you might want to pick a reasonable expiry period. You have use your master key to change subkeys, so you might want to make it a large fraction of your master key expiry period, and take that opportunity to rotate subkeys and postpone your master key's expiration at the same time.
While you're waiting for GPG to gather entropy for this subkey, perhaps you might want to browse http://entropykey.co.uk. A UK company called Simtek Electronics makes a USB device which they claim generates truly random quantum entropy. Both the firmware and hardware are closed, so it's hard to verify that claim. Still, the open source MIT-licensed software is available from the site, and included in Debian and Ubuntu.
Repeat
Now we've got a subkey that can
Sign
. Repeat these steps two more times to generate an Encrypt
and an Authenticate
subkey, and you should get something that looks like this.Finish Up
We have our keys all set. They're the right lengths, there are the right number of them, they do the right things, they have the right UIDs. Everything looks great.
If you're happy with the way things look, you can save your changes and quit:
gpg> save
If you quit without saving, all your changes in this session will be discarded.
Subkey Backup
Our subkeys are ready, so let's back them up. Just like the master key, if we ever break or loose the smartcard they're stored on, it'd be nice to be able to restore them so we can still decrypt older messages. We also might one day want to change subkeys, and this backup allows us to re-use their smartcard, rather than having to keep it forever because it's the only copy of the subkeys.
When we export our secret-keys now, GPG will export the sub of our master key (with a note that it's on a smartcard), and the full private parts of our subkeys.
We just made a backup so make sure to test it. Delete your keyrings or reboot, then re-import before continuing. If you reboot, remember to edit your
gpg.conf
again.We've backed up the subkeys, so now it's time to put them on their own smartcard. Smartcards have three slots: one for each capability, so they can all fit on the same card. make sure not to mix up the card for your master key and the one for your subkeys!
You just set up a smartcard, so do the same with this one: change the PINs and add whatever personal info you want. Once you're ready, we can copy the subkeys over.
We need to export keys to a card one at a time. Let's start with the signing key. First we need to toggle to the secret key listing.
Now select the signing subkey. The key editor uses
key #
to select a subkey. Unlike UIDs, subkeys don't have helpful number hints by them, so you just need to count. How hard could it be?Notice how the signing subkey key now has a little star beside it? That's means it's selected.
Now repeat this for the other two subkeys. Make sure to put them in the right slots on the card. When you're done, the secret key view should look like this.
The smartcard is ready to go. Save your changes and quit.
gpg> save
At this point, we've generated four keys (one master key and three subkeys) and exported each of them to a smartcard. This means that the 'private' keys in this keyring are actually all just pointers to smartcards. Now we can export the stubs for use on our everyday machine. Even though we're using the
export-secret-keys
command, this output will actually contain no secret keys at all!Backup
As always, let's back up our work before proceeding:
After a backup, delete your keyrings or reboot, then make sure you can import from any of those files.
'Keys'
Now export the key files for your everyday machine.
Revocation Certificates
Now's a perfectly good time to generate a revocation certificate. You might want to put this on your everyday machine, or you might want to print it out. A revocation certificate allows you to cancel your key without needing to have the secret part on hand (you used the secret part to create the certificate).
A jerk who got a hold of a revocation certificate for your key could also cancel your key (which would probably make a lot of work for you), but they couldn't sign things on your behalf, or decrypt secret messages meant only for you.
This probably means that you should store your revocation certificate somewhere other than where you store your master key backus, and just a little more accessible, so that even if you loose those backups, you can still revoke the key.
Here's how to make one.
Then you'll have to enter your user PIN. Make sure you're using the right smartcard, and you've got the right user PIN for it.
If you want, you can generate certificates for other scenarios too, but there's probably no need.
We're done with key generation now. If you've been following through all the steps, you probably have two smartcards/readers and five USB thumb drives:
- cold storage
- key backup alpha
- key backup omega
- everyday usb
- print share
The cold storage and key-bakup disks should have a full copy of the public and private parts of your master key and all your subkeys. Put these in your home safe or your piggy bank, or wherever you keep things safely. They should contain five files:
keyid_private.gpg
: the private part of your master keykeyid_public.gpg
: the public part of your master keykeyid_public+subkeys.gpg
: the public part of your master key and your subkeyskeyid_stub-complete.gpg
: the 'private' pointers to smartcards for your master key and your subkeyskeyid_stub+private-subkeys
: the 'private' pointer to your master key, and the actual private parts of your subkeys
The thumb drive destined for your everyday computer should have two files:
keyid_pub.gpg
: the public parts of all your keyskeyid_stub.gpg
: the 'private' pointers to smartcards for all your keys
The print/share thumb-drive should have as many revocation certificates as you decided to make. Perhaps you should print them, or leave them with a trustworthy friend?
If you've got all that, you're ready to go. You can shut down your secure computer now. Next, we'll walk through setting up your everyday computer.
gpg.conf
{#config}
First, let's get GPG all snazzy-like. Here's a sample
gpg.conf
for you.Key Import
Now Let's import those keys.
Don't worry if you see a warning about time warps or clock problems. It probably means you were using a secure computer with a live OS like TAILS, and it didn't have an accurate clock.
It's also notable that things look a little different here. Instead of that short 8-character keyID, we have a longer 16-character one. That's because the display options in
gpg.conf
. It's always better to use longer keyIDs, they're harder to spoof. You should copy and paste this long keyID into your gpg.conf
where there's a space for it.If you want to, you gan
gpg --edit-key 4771324ACDCD72AF
and check that you can toggle
to see that your everyday machine knows about the smartcards.Uploading to a keyserver
If everything still looks good, now you can upload your key to a keyserver. Keyservers never forget. Only do this once you're sure.
In a few minutes, your key should propagate to every keyserver out there.
Printing Fingerprints
If you want other folks to sign your key, you'll need to print some pieces of paper with your key's fingerprint. The easiest way is to take this output and just copy and paste it into a text file a bunch of times.