I
Introduction: OpenSSH is a free and open source client/server technology for secure remote login. It is an implementation of the SSH protocol. OpenSSH divided into sshd (server) and various client tools such as sftp, scp, ssh and more. One can do remote login with OpenSSH either using password or combination of private and public keys named as public key based authentication. It is an alternative security method for user passwords. This method is recommended on a VPS, cloud, dedicated or even home-based server or laptop. This page shows how to set up SSH keys on Ubuntu 18.04 LTS server.
Where,
![Create Create](/uploads/1/2/6/2/126207476/134305462.png)
Creating a private/public key pair on Ubuntu Last updated: 04 Jun 2012. There are many reasons you might want to create a key pair on Linux, more specifically on Ubuntu. For more information about key pairs, see this. If your server is an Amazon EC2 Server Instance, you might want to look at more specific information here. Mar 28, 2016 Publish PGP key: To publish GPG keys in ubuntu server, run following commands. Gpg -keyserver keyserver.ubuntu.com -send-keys 47BBA6FC Your public key (fingerprint) would look something like following.
am a new Ubuntu 18.04 LTS user and I would like to setup ssh public key authentication. How do I set up ssh keys based authentication on Ubuntu Linux 18.04 LTS server? How do I set up SSH keys on an Ubuntu Linux 18.04 LTS server? In Ubuntu 18.04 LTS, how do I set up public key authentication?Introduction: OpenSSH is a free and open source client/server technology for secure remote login. It is an implementation of the SSH protocol. OpenSSH divided into sshd (server) and various client tools such as sftp, scp, ssh and more. One can do remote login with OpenSSH either using password or combination of private and public keys named as public key based authentication. It is an alternative security method for user passwords. This method is recommended on a VPS, cloud, dedicated or even home-based server or laptop. This page shows how to set up SSH keys on Ubuntu 18.04 LTS server.
Advertisements
Ubuntu 18.04 Setup SSH Public Key Authentication
The procedure to set up secure ssh keys on Ubuntu 18.04:
- Create the key pair using ssh-keygen command.
- Copy and install the public key using ssh-copy-id command.
- Add yourself to sudo admin account on Ubuntu 18.04 server.
- Disable the password login for root account on Ubuntu 18.04.
Sample set up for SSH Keys on Ubuntu 18.04
Where,
- 202.54.1.55 – You store your public key on the remote hosts and you have an accounts on this Ubuntu Linux 18.04 LTS server.
- Linux/macbook laptop – Your private key stays on the desktop/laptop/computer (or local server) you use to connect to 202.54.1.55 server. Do not share or give your private file to anyone.
In public key based method you can log into remote hosts and server, and transfer files to them, without using your account passwords. Feel free to replace 202.54.1.55 and client names with your actual setup. Enough talk, let’s set up public key authentication on Ubuntu Linux 18.04 LTS.
How to create the RSA/ed25519 key pair on your local desktop/laptop
Open the Terminal and type following commands if .ssh directory does not exists:
Next generate a key pair for the protocol, run:
OR
These days ED25519 keys are favored over RSA keys when backward compatibility is not needed:
$ mkdir -p $HOME/.ssh
$ chmod 0700 $HOME/.ssh
Next generate a key pair for the protocol, run:
$ ssh-keygen
OR
$ ssh-keygen -t rsa 4096 -C 'My key for Linode server'
These days ED25519 keys are favored over RSA keys when backward compatibility is not needed:
$ ssh-keygen -t ed25519 -C 'My key for Linux server # 42'
How to install the public key in Ubuntu 18.04 remote server
The syntax is as follows:
For example:
I am going to install ssh key for a user named vivek (type command on your laptop/desktop where you generated RSA/ed25519 keys):
ssh-copy-id your-user-name@your-ubuntu-server-name
ssh-copy-id -i ~/.ssh/file.pub your-user-name@your-ubuntu-server-name
For example:
## for RSA KEY ##
ssh-copy-id -i $HOME/.ssh/id_rsa.pub [email protected]
## for ED25519 KEY ##
ssh-copy-id -i $HOME/.ssh/id_ed25519.pub [email protected]
## install SSH KEY for root user ##
ssh-copy-id -i $HOME/.ssh/id_ed25519.pub [email protected]
I am going to install ssh key for a user named vivek (type command on your laptop/desktop where you generated RSA/ed25519 keys):
$ ssh-copy-id -i ~/.ssh/id_ed25519.pub [email protected]
Test it
Now try logging into the Ubuntu 18.04 LTS server, with ssh command from your client computer/laptop using ssh keys:
$ ssh your-user@your-server-name-here
$ ssh [email protected]
What are ssh-agent and ssh-add, and how do I use them on Ubuntu 18.04?
To get rid of a passphrase for the current session, add a passphrase to ssh-agent (see ssh-agent command for more info) and you will not be prompted for it when using ssh or scp/sftp/rsync to connect to hosts with your public key. The syntax is as follows:
Type the ssh-add command to prompt the user for a private key passphrase and adds it to the list maintained by ssh-agent command:
Enter your private key passphrase. Now try again to log into [email protected] and you will NOT be prompted for a password:
$ eval $(ssh-agent)
Type the ssh-add command to prompt the user for a private key passphrase and adds it to the list maintained by ssh-agent command:
$ ssh-add
Enter your private key passphrase. Now try again to log into [email protected] and you will NOT be prompted for a password:
$ ssh [email protected]
How to disable the password based login on a Ubuntu 18.04 server
Login to your server, type:
Now login as root user:
OR
Edit sshd_config file:
OR
Find PermitRootLogin and set it as follows:
Save and close the file. I am going to add a user named vivek to sudoers group on Ubuntu 18.04 server so that we can run sysadmin tasks:
Restart/reload the sshd service:
You can exit from all session and test it as follows:
## client commands ##
$ eval $(ssh-agent)
$ ssh-add
$ ssh [email protected]
Now login as root user:
$ sudo -i
OR
$ su -i
Edit sshd_config file:
# vim /etc/ssh/sshd_config
OR
# nano /etc/ssh/sshd_config
Find PermitRootLogin and set it as follows:
PermitRootLogin no
Save and close the file. I am going to add a user named vivek to sudoers group on Ubuntu 18.04 server so that we can run sysadmin tasks:
# adduser vivek sudo
Restart/reload the sshd service:
# systemctl reload ssh
You can exit from all session and test it as follows:
$ ssh [email protected]
## become root on server for sysadmin task ##
$ sudo -i
How do I add or replace a passphrase for an existing private key?
To to change your SSH passphrase type the following command:
$ ssh-keygen -p
How do I backup my existing private/public SSH keys
Just copy files to your backup server or external USB pen/hard drive:
How do I protect my ssh keys?
- Always use a strong passphrase.
- Do not share your private keys anywhere online or store in insecure cloud storage or gitlab/github servers.
- Restrict privileges of the account.
Tip: Create and setup an OpenSSH config file to create shortcuts for servers
See how to create and use an OpenSSH ssh_config file for more info.
How do I secure my OpenSSH server?
See “OpenSSH Server Best Security Practices” for more info.
Conclusion
You learned how to create and install ssh keys for SSH key-based authentication for Ubuntu Linux 18.04 LTS server. See OpenSSH server documents here and here for more info.
ADVERTISEMENTS
Contents
|
'GnuPG uses public-key cryptography so that users may communicate securely. In a public-key system, each user has a pair of keys consisting of a private key and a public key. A user's private key is kept secret; it need never be revealed. The public key may be given to anyone with whom the user wants to communicate.' From The GNU Privacy Handbook
This page describes how to use OpenPGP keys. For a brief description of what OpenPGP is see the next section. The package gnupg (including the command gpg) is installed on all Ubuntu systems. The package description says in part: 'GnuPG 1.4 is the standalone, non-modularized series. In contrast to the version 2 series, shipped with the gnupg2 package, it comes with no support for S/MIME and some other tools useful for desktop environments, but also with less dependencies.' This page mainly describes how to use the gpg command.
The terms 'OpenPGP', 'PGP', and 'GnuPG / GPG' are often used interchangeably. This is a common mistake, since they are distinctly different.
- OpenPGP is technically a proposed standard, although it is widely used. OpenPGP is not a program, and shouldn't be referred to as such. PGP and GnuPG are computer programs that implement the OpenPGP standard.
- PGP is an acronym for Pretty Good Privacy, a computer program which provides cryptographic privacy and authentication. For more information, see this Wikipedia article.
- GnuPG (aka GPG) is an acronym for GNU Privacy Guard, another computer program which provides cryptographic privacy and authentication. For further information on GnuPG, see this Wikipedia article.
There are several programs which provide a graphical interface to the GnuPG system.
- Enigmail, an OpenPGP plugin for Mozilla Thunderbird.sudo apt-get install enigmail
- GNU Privacy Assistant is a graphical user interface for the GnuPG (GNU Privacy Guard).sudo apt-get install gpa
- Seahorse is a GNOME application for managing encryption keys. It also integrates with nautilus, gedit, and in other places for encryption operations. Note: seahorse is installed by default on Ubuntu. It is called 'Passwords and Keys' in Ubuntu.
- KGPG is a simple, free, open source KDE frontend for gpg.sudo apt-get install kgpg
- Kleopatra is another KDE frontend for gpg that is integrated with the KDE PIM (although you need to install it separately for now).sudo apt-get install kleopatra
To generate a key:
- Open a terminal and enter:
- If you are using GnuPG version 1.4.10 or newer, this will lead to a selection screen with the following options: Select (1), which will enable both encryption and signing.
- If you are using an older version, the selection screen will have the following options: We suggest you select (5). We will generate an encryption subkey later.
- Enter the keysize. A keysize of 2048 (which is the default) is a good choice.
- Specify how long the key should be valid for. Most people make their keys valid until infinity, which is the default option. If you do this don't forget to revoke the key when you no longer use it (see below).
- Hit Y to confirm.
- Enter real name, comment, and email address when prompted. Make sure that the name on the key is not a pseudonym, and that it matches the name in your passport, or other government issued photo-identification! You can add extra e-mail addresses to the key later.
- Type O to continue.
- Enter your passphrase twice. Usually, a short sentence or phrase that isn't easy to guess can be used. Note: forgetting your passphrase will result in your key being useless.
- You will be asked to tap on the keyboard (or do any of the things you normally do) in order for randomization to take place. This is done so that the encryption algorithm has more human-entered elements, which, combined with the passphrase entered above, will result in the user's private key. Please follow the instructions on the screen till you reach a screen similar to the one below.You have now generated the key. In the above listing the key-id is D8FC66D2 (yours will be different).
Setting the key to be the default
It is probably a good idea to set this key as default in your ~/.bash_profile or ~/.profile. Doing this will allow applications using GPG to automatically use your key.
- Set your key as the default key by entering this line in your ~/.bash_profile (along with any other environment variables to be exported):Please note that this will be sourced only during your next login. To use it straight away, you should run the export command in the current shell.
- Now restart the gpg-agent and set the relevant environment variable:
Adding Encryption Capabilities
- If you created an 'RSA (sign only)' key earlier, you will probably want to add encryption capabilities. Assuming you edited ~/.bash_profile as above, open a terminal again and enter:=.B.o +.o. + + +- SHA256 -+Your SSH key is now generated and ready to use! Generate new rsa key ubuntu free.
- This will present a dialog like the following:
- To create a subkey, enter 'addkey'. You will have to enter your key's passphrase, and then you'll see a somewhat familiar series of dialogues:
- Choose 6.
- Again, 2048 is a sensible default.
- Choose whether this encryption subkey is set to expire (default: it doesn't). Then confirm that you want to make this subkey.
- Enter 'save', then 'quit.' Your key is now capable of encryption.
Creating a revocation certificate
A revocation certificate must be generated to revoke your public key if your private key has been compromised in any way. It is recommended to create a revocation certificate when you create your key. Keep your revocation certificate on a medium that you can safely secure, like a thumb drive in a locked box.
To create a revocation certificate, enter:
and follow the instructions. Note: you will need the passphrase. The revocation certificate may be printed and/or stored as a file.
Anybody having access to your revocation certificate can revoke your key, rendering it useless. |
Making an ASCII armored version of your public key
Some keyservers allow you to paste an ASCII armored version of your public key in order to upload it. This method is often preferred, because the key comes directly from the user and the user can see that the key has been successfully uploaded.
To create an ASCII armored version of your public key, enter:
This is the command using our example (key-id = D8FC66D2):
This section explains how to upload your public key to a keyserver so that anyone can download it. Once you have uploaded it to one keyserver, it will propagate to the other keyservers. Eventually most of the keyservers will have a copy of your key. You can accelerate the process by uploading your key to several keyservers.
To upload the key, enter:
![Create Create](/uploads/1/2/6/2/126207476/134305462.png)
Using our example (key-id = D8FC66D2), the command is:
To upload the key using a web browser:
You should consider to submit your ownserial numbers or share other files with the community just as someone else helped you with microsoft project professional 2013 serial number.Sharing is caring and that is the only way to keep our scene, our community alive. This should be your intention too, as a user, to fully evaluate microsoft project professional 2013 withoutrestrictions and then decide.If you are keeping the software and want to use it longer than its trial time, we strongly encourage you purchasing the license keyfrom microsoft official website.
Nothing can stop us, we keep fighting for freedomdespite all the difficulties we face each day.Last but not less important is your own contribution to our cause. This release was created for you, eager to use microsoft project professional 2013 full and with without limitations.Our intentions are not to harm microsoft software company but to give the possibility to those who can not pay for any pieceof software out there. Our releases are to prove that we can!
![Microsoft project 2013 license key Microsoft project 2013 license key](/uploads/1/2/6/2/126207476/540414431.jpg)
- Export your key by issuing this command (where GPGKEY is defined above) :
- Copy the content of the file mykey.asc.
- Open http://keyserver.ubuntu.com/ in a browser window.
- Paste the copied content in the box under the label Submitting a new OpenPGP Key.
- Click Submit.
Note that keyserver.ubuntu.com is only reachable via IPv4.
OpenPGP implementations can be used to digitally sign, encrypt, and decrypt email messages for heightened security. You can validate your keys with Launchpad, and under some situations, Launchpad will send you signed or encrypted email. You would then use OpenPGP support in your mail reader to decrypt these messages or verify a message's digital signature. Of course, you can also use the OpenPGP support in your mail reader to trade encrypted messages with your colleagues, or sign your own messages so that others can have better assurances that the email that appears to come from you actually does come from you.
The instructions below are not intended to provide you with detailed information on OpenPGP, its various implementations, or its use. These instructions simply provide links that can help you set up your mail reader to be compatible with OpenPGP signed and/or encrypted email.
We need your help to flesh out these instructions!
Linux mail readers
This section is not all inclusive. Please feel free to add additional mail clients.
Evolution
Evolution has built-in support for OpenPGP. Look under the Security tab when you edit accounts.
- Open Evolution and go to Edit->Preferences.
- Choose your email account, click on it, and then click Edit.
- Click on the security tab.
- In the PGP/GPG Key ID: box, paste your KEY-ID.
- Click OK. Click Close.
- If you want to use your key in any new email, simply click on the Security menu item in your new mail message, and then click on PGP Sign.
KMail
Kmail / Kontact has built-in support For Gutsy, and later releases, everything required is installed by default. See the Kmail GPG page for details.
Claws Mail
Claws Mail supports OpenPGP through the plugin claws-mail-pgpinline
- claws-mail-pgpinline is available in the 'Universe' repository.
- The plugin may have to be loaded manually after installing it. Open Claws Mail and select Configuration -> Plugins
- If PGP/Core and PGP/inline are in the Plugins dialogue box, the plugins are loaded correctly.
- Otherwise, click on the Load Plugin button towards the bottom of the window. In the file selection dialogue, select pgpinline.so and click the Open button.
- When Claws Mail tries to open encrypted e-mail, the program will prompt for your key's passphrase and then show the e-mail with the decrypted message.
Thunderbird
- Thunderbird supports OpenPGP through the enigmail plugin.
- Enigmail is available in the 'Main' repository.
- Configure OpenPGP support in Thunderbird under Enigmail->Preferences and add under GnuPG executable path. The path for GnuPG is /usr/bin/gpg.
Mutt
- Create a ~/.mutt directory and copy this file into it: /usr/share/doc/mutt/examples/gpg.rc
- Append this line to the muttrc configuration file.
- If you're using Mutt 1.5.13, you'll need to fix the paths to pgpewrap as detailed in this post
Miscellaneous/all platforms (web mail)
This section in need of expansion. Please feel free to add any additional plugins for Firefox or other browsers.
Gmail
- If you use the Chrome or the Chromium browser you can use Goopg to sign and verify emails directly from the Gmail web interface. For details click here).
It's All Text!
- It's All Text! is a Firefox extension which allows you to edit your mail in your preferred local text editor.
- If your editor supports it, this can make handling of encrypted mail easier.
- For example, you could use gnupg.vim and a local Vim instance.
You need to validate a key with Launchpad (that is, import it into Launchpad) in order to be able to sign the Ubuntu Code of Conduct (and thus become an Ubuntero) and to build packages using HCT.
OpenPGP keys and Launchpad
To import a key you need the key fingerprint. To list all keys and their fingerprints, enter:
A fingerprint will look something like this:
To import a key:
- Log into Launchpad if necessary.
- Visit the 'Change your OpenPGP keys' page.
- Paste the fingerprint into the textbox and click 'Import Key'. Launchpad will send you an encrypted email. The text of the email will look similar to this:
- Save the text of the email to a file.
- Decrypt the text:
- Enter your passphrase. The message will be displayed along with the link you must follow to validate your key with Launchpad.
- Follow the link, enter your Launchpad password when prompted, and you are done!
Generate Pgp Public Key Ubuntu Windows 7
Validating using Firefox and FireGPG
- If you are on gmail, using the FireGPG addon, simply scroll down and click 'decrypt this mail'. You will now see the decrypted message with a link and a token. Copy that URL: https://launchpad.net/token/somealphanumerictoken
- Follow the link and click on 'Confirm'. Please note that validation does take some time. If you run into an internal 500 server, simply try again with the same token.
- A confirming page should appear once the validation is successfully completed.
Signing data is helpful in verifying if the data from a person is indeed from that person. A typical scenario is described below.
Signing the Ubuntu Code Of Conduct
When you've generated a key and imported it, it is time to sign the Ubuntu Code Of Conduct if you want to become an Ubuntu member or Ubuntero:
- Download the code of conduct from https://launchpad.net/codeofconduct/2.0/+download.
- Enter:
- Upload the contents of UbuntuCodeofConduct-2.0.txt.asc on https://launchpad.net/codeofconduct/2.0/+sign
The whole point of all this is to create a web of trust. By signing someone's public key, you state that you have checked that the person that uses a certain keypair, is who they says they are and really is in control of the private key. This way a complete network of people who trust each other can be created. This network is called the Strongly connected set. Information about it can be found at http://pgp.cs.uu.nl/
In summary,
- Locate someone that lives near you and can meet with you to verify your ID. Sites like http://www.biglumber.com/ are useful for this purposeSo, later on you are able to install the software in 30 days trial mode.Step 3:Download and install the Matlab softwareTo download the software click here:Fill the email id and all details to create a new account.When this window appears select the corresponding operating system and the download will start after the selection. Install Photoshop CS6 and get life time free licenseHey Guys in this post I'm going to show you how to install Photoshop CS6 and Get Freelife time license.Requirements:1. matlabPlease follow the steps:Step 1:Create an account in mathworkTo create a new account in mathwork logon tothen verify the account using your e-mailOr skip this step and follow from step 3.Step 2:Select the 30 days Trial option:After the successful creation of account choose 'get a new trial' option in the website. Set Up File and License Key:Procedure:Step 1:Download the set up and License key from the above link.And Extract the zip file you have downloaded.It contains setup file and license keyStep 2:Click on the Set up file to install Photoshop CS6.Once you click on install it will ask for the location and all click Okay on all popups.Step 3:Once you finish all the steps it will ask for the license key.open the Extracted folder and click on license key (txt file) and open it and copy the license keyand Paste it in the Photoshop license field.Step 4:And that's it. Matlab r2010a activation key generator.
- Arrange for a meeting. Bring at least one ID with photo and printed fingerprint of your OpenPGP key, ask the same from the person you will be meeting with.
- Print copies of your public key
- get the last eight digits of your fingerprint: 0995 ECD6 3843 CBB3 C050 28CA E103 6EED 0123 4567
- terminal: gpg --fingerprint 01234567 >> key.txt
- print the resulting key.txt file and bring as many copies to the meeting as you expect to have people sign
- Meet, verify your IDs and exchange OpenPGP key fingerprints
- Sign the key of the person you've just met. Send him/her the key you've just signed.
- Update your keys on the keyserver, the signature you've just created will be uploaded.
Keysigning Guidelines
Since a signature means that you checked and verified that a certain public key belongs to a certain person who is in control of the accompanying private key, you need to follow these guidelines when signing peoples keys:
During the Event
- Keysigning is always done after meeting in person
- During this meeting you hand each other your OpenPGP key fingerprint and at least one government issued ID with a photograph. These key fingerprints are usually distributed as key fingerprint slips, created by a script such as gpg-key2ps (package: signing-party)
- You check whether the name on the key corresponds with the name on the ID and whether the person in front of you is indeed who they say they are.
After the Event
You now have the printed public key information from the other participants.
Example key IDs for the other participants will be E4758D1D, C27659A2, and 09026E7B. Replace these IDs with the key IDs you received from the other participants.
- Retrieve the keys:
- Sign the keys:
- Export the keys:
- Email the key users (use the email address that was part of the key's user ID) and attach the corresponding signature file - or - send their signed key to the key server:
- Once you receive your signed key import them to your keyring:
- You should see your keys:
- Send your keys to the keyserver:
Congrats - you have now entered a web of trust or enlarged an existing one.
Why should you back up your keypair? If you lose your keypair:
- Any files encrypted with the lost keypair will be unrecoverable.
- You will not be able to decrypt emails sent to you. Decrypting emails sent to you requires your private key, this key is not stored on the keyservers.
If you lose your keypair you should revoke your key. This cannot be done without a revocation certificate.
Backing up your public key
- List your public keys:
- Look for the line that starts something like 'pub 1024D/'. The part after the 1024D is the key-id. To export the key:
Backing up your private key
- List your private keys:
- Look for the line that starts something like 'sec 1024D/'. The part after the 1024D is the key-id. To export the private key:
Restoring your keypair
To restore your keypair:
- Copy the two files created above to the machine.
- Enter the following commands:
Make sure you protect these files!
In the event your keys are lost or compromised, you should revoke your keypair. This tells other users that your key is no longer reliable.
For security purposes, there is no mechanism in place to revoke a key without a revocation certificate. As much as you might want to revoke a key, the revocation certificate prevents malicious revocations. Guard your revocation certificate with the same care you would use for your private key. |
- To revoke your key you need to first create a revocation certificate. Indicate the key to be revoked and direct the output to a file. Continuing with the example (key-id = D8FC66D2):
- Import your revocation certificate:
- Upload the key to your keyserver of choice. Here, the example uses Ubuntu's key server and key-id = D8FC66D2:
Un-revoking a keypair
If you unintentionally revoke a key, or find that your key has in fact not been lost or compromised, it is possible to un-revoke your key. First and foremost, ensure that you do not distribute the key, or send it to the keyserver.
- Export the key:
- Split the key into multiple parts. This breaks the key down into multiple parts:
- Find which file contains the revocation certificate. In most cases, it is 000002-002.sig, however you should make sure by using the following. If the sigclass is 0x20, you have the right file. Delete it.
- Put the key back together:
- Remove the old key:
- Import the new key:
To change your passphrase:
- Enter:
- At the gpg prompt enter:
- Enter the current passphrase when prompted.
- Enter the new passphrase twice when prompted.
- Enter:
You have now changed the passphrase.
- Add your key to ~/.bash_profile by adding a line similiar to export GPGKEY=YOUR-KEY-ID
- gnupg-agent and pinentry-gtk2 are packages that facilitate not having to enter the password for your key every time you want to use it. Open the file ~/.gnupg/gpg.conf in your favorite editor. Browse through it and change what you like. A few useful things to change are:
- keyserver-options auto-key-retrieve
- use-agent (the Ubuntu default for Gutsy and later releases.)
Now create the file ~/.gnupg/gpg-agent.conf with the following content:This will make gpg-agent use pinentry-gtk2 and it will remember your password for 24 hours (please consider the security implications for doing this - anyone gaining access to your computer for 24 hours would then be able to sign anything with your key). For Kubuntu, use pinentry-qt4 instead.
- GPGKeyOnUSBDrive
- UnsignedGpgKey
- GPGsigningforSSHHowTo
- GNUPG Manual
- UbuntuForums Howto, thanks to Kassetra
- Beginners Guide to GnuPG -- Ubuntu Forums
- http://www.biglumber.com
- http://en.wikipedia.org/wiki/Gnupg -- Wikipedia article
- Creating & Utilizing PGP Forum Tutorial
- HOWTO prep for migration off of SHA-1 in OpenPGP
- GnuPG 2.x is a new modularised version of GnuPG supporting OpenPGP and S/MIME. See the man page.
CategorySoftwareCategorySecurity