Comments on: Create, sign, and publish your PGP key with Seahorse

By: Create an ssh key with Seahorse

Create an ssh key with Seahorse — Sat, 18 Dec 2010 19:30:28 +0000

[...] keyring manager for the GNOME desktop. I have covered Seahorse here on Ghacks before (see “Create, sign, and publish your PGP keys with Seahorse“), but one aspect I didn’t cover was the use of Seahorse for secure shell keys. As you [...]

By: Encrypting email in Evolution

Encrypting email in Evolution — Thu, 22 Jul 2010 11:19:46 +0000

[...] you use Seahorse to create one. For more information on Seahorse you can read my article “Create, sign, and publish your PGP key with Seahorse“. When you create that key you will do so with a name associated with it. You will use that [...]

By: nospam

nospam — Wed, 23 Sep 2009 09:52:21 +0000

Ubuntu Jaunty

If you want a GUI vs CLI, I recommend you to use GPA to manage your PGPKeys on Jaunty http://www.gnupg.org/related_software/gpa/screenshots.en.html (it is in the rep.)
The is a bug in seahorse 2.26.n You can import your private keys (e.g. from your desk to your notebook) but you cannot set the owner trust. The bug is corrected on v. 2.28.n

Seahorse (Gnome dependent) holds your pass shell keys and pass keyring (e.g. evolution password). So in doubt, do not attempt to remove/replace it with GPA if you are not sure what you are doing or if you are a beginner.

By: GoblinX Project » GoblinX Newsletter, Issue 218 (09/20/2009)

GoblinX Project » GoblinX Newsletter, Issue 218 (09/20/2009) — Sun, 20 Sep 2009 13:34:50 +0000

[...] Create, sign, and publish your PGP key with Seahorse [...]

By: Ramesh

Ramesh — Sun, 20 Sep 2009 04:43:38 +0000

Thanks Jack for your answers. These questions were bugging me for a long time.
On point # 3. Could u please explain me “if you do not sign a key” — What is sign a key.

Is this what are u talking
1. Make a key trusted ( say mypublic key)
2. Encrypt the doc for that trusted key ( say mypublic key)
3. only me who has the myprivate key for mypublickey can see the data

Thanks
Ramesh

By: jack

jack — Sat, 19 Sep 2009 19:05:48 +0000

Ramesh: Good questions.

1. No, GPG and PGP are not the same. Seahorse uses GnuGPG. GnuGPG can read PGP so long as the versions are compatible. PGP versions 2 or earlier will not be compatible.
2. If you’re going to encrypt, say, a bank username/id and place it in your gmail account you should definately make your key as strong as possible with a complicated passphrase. and do NOT put those keys on a key server. I personally wouldn’t put my bank information anywhere – encryption or not.
3. Sure there have been hacks of encrypted data. As I mentioned – if you do not sign a key it can be hacked without your knowing it. Now a well encrypted key will take a long time to break into.
4. so long as the versions are compatible, you shouldn’t need to convert.
5. one simple way around this – don’t keep your keys on a network accessible computer. keep them on a usb flash drive or something like that. but if you do get both private and public keys you would have a fairly easy time decrypting data. but you would probably find any private key i use for critical data does not have a public key lying around anywhere near.

By: Ramesh

Ramesh — Sat, 19 Sep 2009 02:07:56 +0000

Hi I have few questions
1. is gpg and pgp keys are same
2. How safe are the content when we encrypt with pgp/gpg. for .e.g. can I encrypt my bank userid and passwd and put it in my gmail account. ( for argument sake FAS)
3. are they any claims saying that pgp/gpg encrypted contents are hacked
4. if gpg and pgp are not same .. how do we convert gpg encrypted document to pgp encrypted document
5. ok important one FAS ..in your sysem you have both private and public key. I hacked into system through net and I got both private and public key by exporting both keys on cmd line. Can I say your data are compromised..

FYI i: I use gpg2 on my mac book