On 25/03/2019 07:34, Dmitry Alexandrov wrote: > vihsa vihsa <[email protected]> wrote: >> i would like to create an encrypted key using a single email id & use the >> key for all encrypted emails ( i mean various email ids ). > > ,---- > | $ gpg --gen-key > | GnuPG needs to construct a user ID to identify your key. > | > | Real name: Ivan Ivanov > | Email address: [email protected] > | You selected this USER-ID: > | "Ivan Ivanov <[email protected]>" > | > | Change (N)ame, (E)mail, or (O)kay/(Q)uit? o > | gpg: key 0D04350C28BFBA38 marked as ultimately trusted > | public and secret key created and signed. > | > | pub rsa3072 2019-03-25 [SC] [expires: 2021-03-24] > | 20F69AE0F81A160A53E326650D04350C28BFBA38 > | 20F69AE0F81A160A53E326650D04350C28BFBA38 > | uid Ivan Ivanov <[email protected]> > | sub rsa3072 2019-03-25 [E] [expires: 2021-03-24] > | > | $ gpg --edit-key ivan > | Secret key is available. > | > | sec rsa3072/0D04350C28BFBA38 > | created: 2019-03-25 expires: 2021-03-24 usage: SC > | trust: ultimate validity: ultimate > | ssb rsa3072/866CF474942FFF57 > | created: 2019-03-25 expires: 2021-03-24 usage: E > | [ultimate] (1). Ivan Ivanov <[email protected]> > | > | gpg> adduid > | Real name: Ivan Ivanov > | Email address: [email protected] > | Comment: > | You selected this USER-ID: > | "Ivan Ivanov <[email protected]>" > | > | Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o > | > | sec rsa3072/0D04350C28BFBA38 > | created: 2019-03-25 expires: 2021-03-24 usage: SC > | trust: ultimate validity: ultimate > | ssb rsa3072/866CF474942FFF57 > | created: 2019-03-25 expires: 2021-03-24 usage: E > | [ultimate] (1) Ivan Ivanov <[email protected]> > | [ unknown] (2). Ivan Ivanov <[email protected]> > | > | gpg> uid 2 > | > | sec rsa3072/0D04350C28BFBA38 > | created: 2019-03-25 expires: 2021-03-24 usage: SC > | trust: ultimate validity: ultimate > | ssb rsa3072/866CF474942FFF57 > | created: 2019-03-25 expires: 2021-03-24 usage: E > | [ultimate] (1) Ivan Ivanov <[email protected]> > | [ unknown] (2)* Ivan Ivanov <[email protected]> > | > | gpg> trust > | sec rsa3072/0D04350C28BFBA38 > | created: 2019-03-25 expires: 2021-03-24 usage: SC > | trust: ultimate validity: ultimate > | ssb rsa3072/866CF474942FFF57 > | created: 2019-03-25 expires: 2021-03-24 usage: E > | [ultimate] (1) Ivan Ivanov <[email protected]> > | [ unknown] (2)* Ivan Ivanov <[email protected]> > | > | Please decide how far you trust this user to correctly verify other users' > keys > | (by looking at passports, checking fingerprints from different sources, > etc.) > | > | 1 = I don't know or won't say > | 2 = I do NOT trust > | 3 = I trust marginally > | 4 = I trust fully > | 5 = I trust ultimately > | m = back to the main menu > | > | Your decision? 5 > | Do you really want to set this key to ultimate trust? (y/N) y > | > | sec rsa3072/0D04350C28BFBA38 > | created: 2019-03-25 expires: 2021-03-24 usage: SC > | trust: ultimate validity: ultimate > | ssb rsa3072/866CF474942FFF57 > | created: 2019-03-25 expires: 2021-03-24 usage: E > | [ultimate] (1) Ivan Ivanov <[email protected]> > | [ unknown] (2)* Ivan Ivanov <[email protected]> > | > | gpg> save > `---- > >> is this the best way for all encryption emails ? > > Maybe.
This is the correct answer. There is no single best way. Each person needs to understand GnuPG for themselves and design their own configuration and workflow. The official GnuPG documentation needs a lot of work. People are actively working on it in collaboration with the GnuPG developers. I have personally seen several private drafts written by another experienced user. There is a lot of great work being done behind the scenes. There are a lot of poor blog posts and tutorials on the web. At least one claims to the the "ultimate" guide. Beware. Fortunately, the GnuPG community is aware of the documentation issues. They are welcoming to new users who have basic questions. I would suggest doing the following: - Think very carefully about who you take your advice from. Take the advice of experienced GnuPG users and its developers over random people on the Internet. Use your own brain. This is why Dmitry's reply is the correct one. - Start at the GnuPG home page ( https://gnupg.org ) for documentation, links to mailing lists, IRC channels, etc. - Subscribe to the [email protected] mailing list and ask questions there. - Note that the GnuPG developers have designed the default configuration parameters with great care (key size, etc). Unless you have a good reason it's best not to change them. - Do not upload your public keys to a public keyserver. After a key is uploaded to a keyserver it stays there forever. If you decide to use the keyserver network, you should be confident with GnuPG. I think keyservers are a bad idea and many people in the GnuPG community share this opinion. WKD ( https://wiki.gnupg.org/WKD ) is an alternative key distribution method. I think it is much better. Another key distribution method that I think is good is manually transferring a public key to somebody who wants it. - Understand the basics OpenPGP ( https://www.openpgp.org ) and how it relates to GnuPG/GPG. - Find out if there is a cryptoparty or key-signing party in your local neighborhood. Kind regards, Andrew -- You received this message because you are subscribed to the Google Groups "K-9 Mail" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
