[TriLUG] REMINDER: KeySigning party during Hack Day

[Sarat Sreepathi]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/13/2012 12:26 PM, Bill Farrow wrote:
> On Fri, Apr 13, 2012 at 12:00 PM, Sarat Sreepathi
> <sarat at trilug.org> wrote:
>> Please generate your PGP keys before the meeting, and print out
>> your key fingerprint. For ease of verification, it would be great
>> if interested folks email the following details to me so I can
>> collect it in a master list.
> 
> Hey Sarat, Thanks for the reminder !
> 
> You might also want to give us a quick demo of what a gpg key is,
> how to generate one, and how you would use it in your day to day 
> activities.  We can build this into a larger presentation for a
> future TriLUG meeting if there is interest.  We should also talk to
> Igor about how to sign ssh host keys...
> 
> See you there, Bill

Refer to this message on the kernel mailing list:
https://lkml.org/lkml/2011/9/30/421

I'm making a presentation this afternoon. So this email is a bit
rushed. I will answer any questions later today.

You can generate your PGP on any Linux system using gpg.

Install gpg on your machine.
yum/zypper/apt-get install gnupg [or equivalent package your platform]

Brief summary(basics):
$ gpg --gen-key
[Choose RSA 4096 bit key]
[Choose a good passphrase]
[Note your key ID]

$ gpg --fingerprint <key id>

Email this output to me.

Why should I use PGP?
You should use PGP, if you need (or want) to
protect your personal emails from being read by individuals or
entities other than your intended recipient(s). PGP, when used
correctly, can provide message privacy, message integrity, message
authentication, and to some degree non-repudiability.

OK. What are some good applications of PGP?

Protection of email
traffic of a sensitive nature, such as the coordination of response
to ongoing security incidents, requests for DNS modifications,
requests for networking changes and exchange of sensitive personal
information like SSNs. At the very least, it would be useful to
have all such messages signed, so the recipients could be sure that
the notes were not forged.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIbBAEBAgAGBQJPiFqIAAoJEGRt4wHV94AVPfUP92Dz9f/oTNOOobGPOG3sB8Fh
6A6SutC0KdzzHJsq1te7Phdn9qyuLG4X48DCGYV//cckb4Ap2u6xmId6l7ziBl/n
hDQ5wAyq25E3iT9DUcyCGCm9wac0PJL++Ac0z6jJ0TCYs8EPXT4jUIC8N8CO+2AZ
jM3fntubkfMvIOai43D14dNoO6noIRnAqO0lucV0mvIOcrgzd+ybJRS2EN8+WHM5
k3NxEhBQQlhw2tfJLLXSMrVcTQFwQIH65octwMaWPPlac61Q68iQhfNhYQFhb4PL
QFAGWdpumIbSwUDdlRkfh39AeKzPBodY47XZpgn4dfS1aJM4WI8jszxi3kGB+hKf
46i0CGkZqrFiCIiLhGKHGMUOiHi81H5EAm4TBHE9B0g9QbHco9NndC9+Swv3MeBl
mPJ6/81aEIKOnJyOZ4OwYxAEywJkkyStIddjfLLa9TeuVoFBKgp9A6ZUXW3MoZOt
g5s/sJzYDsovyFVB1dpD16/w+v0xzptzzqTl6kX1rxJklQSt7+vaDR4kkUEM7FFp
BlNAxsml80dQxRAYnJKwnHXw7NacLiHDwC2+fy0fkeHDUI9GuVSqkW79Mw2zs2zv
N8Z/rHx5WhzHykCEYIkHorfrd2VQyNGLCxxh0yYP6WpxRNMgNJof0mgxbXPHQlXw
VY4Ta8CUa6jHd6byNVQ=
=hXHi
-----END PGP SIGNATURE-----