Thanks for your help. I wasn't actually seeking to send/receive
encrypted email, although that's probably a useful thing to learn.
All I really wanted to do was verify the integrity of the Tails ISO
file. Most distributions just use a checksum. That's something I can
understand. I just followed these instructions on faith and got
distracted by disconcerting messages. It seems that "gpg: Good
signature" is all I really needed to see. I can't imagine why I would
want to sign my copy of the ISO file.
In spite of all the confusing distraction, I successfully installed
Tails on a USB stick and it seems to work.
On 16-06-08 05:35 PM, Juan Miguel Navarro Martínez wrote:
**tl;dr Stick with defaults. Choose RSA and 2048 size, put whatever in
the name and leave out email and comment and put no password on it. In
the future, learn how to use GnuPG if you want to encrypt and sign
messages and files with it.**
GPG is not a kind of key, GPG is the program for creating OpenPGP keys.
OpenPGP is just an standard which relays on different symmetric,
asymmetric and hashing algorithms (just to short).
In this case, you are **choosing for an asymmetric algorithm**. If you
only want to verify, I would **stick with the default RSA and RSA**,
which creates a PGP Master key for **certifying** (for signing
keys/certificates), which is what you want, and signing (for signing
messages and files) and a encryption subkey (for encrypting messages and
files).
DSA is not recommended.
The **next step** should be **the size**, a default value of **2048 is
okay for your use**, but I would recommend 4096 if you are going to use
it for messaging as 2048 should be recommended unsafe around year 2030.
The **third step** is the key expiration, **for your use you can leave
it to 0**, so it never expires. Again, if you are going to learn and use
GnuPG for encrypting and signing an expiration date is a good practice.
After all you can always extend the expiration date in later use. After
that confirm the expiraton choice.
The **fourth step** is your UID, which tells what identities are tied to
that key, usually real name, and optionally an email and/or a comment
(like Debian Developer). For your case, **you can put anything you want
and leave out email and comment, but use your online identities (real or
anonymous) if you are going to use it for messaging later**. You can tie
multiple identities or UIDs later.
**At last**, you have to input the passphrase to protect your OpenPGP
private key. For you use you can just hit cancel/leave it blank, so that
it is passwordless but, again, in the future, if you want to message or
sign stuff you should use a long password or passphrase for it.
El 08/06/16 a las 22:42, Jonathan Coles escribió:
Thanks.
What kind of key do I want? GPG is not one of the options.
gpg --gen-key
gpg (GnuPG) 1.4.16; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
_______________________________________________
tails-support mailing list
[email protected]
https://mailman.boum.org/listinfo/tails-support
To unsubscribe from this list, send an empty email to
[email protected].
_______________________________________________
tails-support mailing list
[email protected]
https://mailman.boum.org/listinfo/tails-support
To unsubscribe from this list, send an empty email to
[email protected].
