Banshee tip: if you hover your mouse over the cover art, it’ll overlay the cover art in full-size. Unfortunately this can’t be toggled by a keyboard shortcut, to my knowledge.
OK, the holidays (and an especially busy couple weeks at work) got in the way of me doing a write-up on GPG like I promised, but I have some free time right now and I’ll use it to get started on this topic.
What Is GPG?
GPG (GNU Privacy Guard) is an open source software tool that enables you to use a method of encryption called public-key cryptography. It is an open-source equivalent to a piece of software called “PGP” (Pretty Good Privacy).
How Does It Work?
Each person generates what is called a keypair. This keypair consists of a private key and a public key. The public key can be shared openly with the rest of the world. If someone wishes to encrypt something for you (email message, file, etc), they use your public key to do so. This creates an encrypted copy that can only be decoded with the other half of your keypair (your private key). The private key is kept to yourself and should of course never be shared.
Getting Started
There are GUI applications that allow you to work with GPG, but A) I’m more comfortable with the command line and have never used any of them, and B) if you’re not comfortable with the command line, this will be an excellent opportunity to learn.
To start off with, you will need to install GPG. In Ubuntu, this is done using the following command:
sudo apt-get install gnupg
If you’re not using Ubuntu, let me know and I’ll help you get GPG installed if you are having trouble.
Creating Your Keypair
Now, to create your keypair. To start with, run the following command: gpg --gen-key
ejohnson@gallifrey:~$ gpg --gen-key
gpg (GnuPG) 1.4.10; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
Select the default setting by typing 1 and hitting Enter. You will now see the following:
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
The default of 2048 should be fine. I personally have a 4096-bit key, but that’s because I’m paranoid. Just hit Enter to accept the default value, or type in 4096 and hit Enter if you want a larger key. This will bring you to the next prompt:
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 5y
Key expires at Sun 28 Dec 2014 12:10:55 AM CST
Is this correct? (y/N) y
You can always make your key without an expiration date, but in this example I’m setting mine to expire in 5 years. After confirming the expiration date (or lack thereof), you will be prompted to enter information about yourself:
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: Your Name Here
Email address: myemail@gwcrocks.com
Comment:
You selected this USER-ID:
"Your Name Here <myemail@gwcrocks.com>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
Obviously, replace Real name and Email address with your own name and email address. The Comment field is optional; I usually just leave it blank.
Next, you will be prompted to enter a passphrase. Your passphrase is important; you will need to enter it to decode anything that was encrypted using your public key. Therefore, it should be something not easily guessed. You can refer to this Wikipedia article for some guidelines on creating a strong password. Note: the page recommends a password between 12 and 14 characters, but as long as you follow the other guidelines, an 8-character password is just fine.
After you enter and confirm your passphrase, the generation of the key will commence:
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
............+++++
.........+++++
It’s possible (especially if you are generating a 4096-bit keypair) that you may see a message like this:
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 86 more bytes)
...+++++
GPG uses different sources of random data (mouse movements, reads/writes to disk, etc) to create your keypair, so if you’re not doing much when you’re generating your key then GPG may not have enough information to generate it. Doing something like playing a video/mp3 in the background, jiggling your mouse after entering your passphrase, etc. will help GPG finish its business. Note that if you see this message, it doesn’t mean that key generation has failed, just that you need to do more “work” (as it states above) so that GPG can finish what it’s doing. Once key generation is complete, you’ll see something like the following:
gpg: key 873E34FD marked as ultimately trusted
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2014-12-28
pub 2048R/873E34FD 2009-12-29 [expires: 2014-12-28]
Key fingerprint = AD93 166B B4D3 7CB7 B217 0B46 3EA8 61B6 873E 34FD
uid Your Name Here <myemail@gwcrocks.com>
sub 2048R/89CA5F14 2009-12-29 [expires: 2014-12-28]
Congratulations, you now have your very own keypair!
Sharing Your Key
So now you have your own keypair, but how do you share your public key with someone so that they can encrypt things for you? Easy, just run the following command:
gpg --export -a "Your Name Here"
The “Your Name Here” should be replaced with the name you specified when creating your key (or the email address, if you have multiple keys under the same name, which you probably won’t just yet). Your public key will be displayed and can be copied and pasted elsewhere. Alternatively, you can export and dump it into a text file all in a single command, using the following:
gpg --export -a "Your Name Here" >gwcrocks.pub
Adding the “>gwcrocks.pub” does something called “output redirection”, which basically takes output that would be displayed on the screen and puts it into a file (in this case, a file named “gwcrocks.pub”) instead. Output redirection can be used on any command, try it on something else if you like. Once you have dumped the key to a file you can then attach it to an email to send to someone.
“So, I have someone’s public key, what do I do with it?”
GPG stores keys (both your keys and the ones you get from others) in what is called a “keyring”. To show all of the keys in your keyring, run the following command:
gpg --list-keys
You’ll probably just see the one keypair that you created for yourself. So, let’s say I emailed you my public key, in a file called “gwcrocks.pub”. To use it with GPG, the key needs to be imported into your keyring. To do so, run the following command:
gpg --import gwcrocks.pub
Note: this assumes that you are in the same folder/directory where you saved the file. When you open a terminal, you will typically start out in your home directory (/home/username). For instance, let’s assume you saved the file to your desktop. You can do one of two things:
- Run the command cd Desktop before running the command above to import the key. That will put your terminal in the Desktop folder, where you can run the command ls to list the files in that folder, so you can make sure it’s there before trying to import it.
- Run the following command:
gpg --import ~/Desktop/gwcrocks.pub
The tilde (~) stands for your home directory. It’s a shorthand way of referring to it. You could also replace the tilde with “/home/username”, but using the tilde is a quicker way of typing it. If you’re using Ubuntu, you’ve probably seen the tilde used in this way already, in your command prompt. For instance, my command prompt looks like this: ejohnson@gallifrey:~$. The tilde tells me that I’m in my home directory. If it instead said ejohnson@gallifrey:~/Desktop$, then this would tell me that I’m in my desktop folder (/home/ejohnson/Desktop).
Here’s my public key. Copy the contents of the box below into a file and save it to your desktop, and then try importing it using the method above.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP PUBLIC KEY BLOCK-----
If you’ve successfully imported my key, you’ll see something like this:
gpg: key 37808F3F: public key "Erik Johnson <EMAIL ADDRESS REMOVED>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
Now, if you run gpg --list-keys again, you should see both your key and mine in your keyring.
“But wait a minute… We’re using GPG, and your key said something about PGP on it. What’s up with that?”
GPG was written to interoperate with PGP, so it acts in the same way that PGP does, even down to using “PGP” at times when dealing with keys. It can look a little confusing at first, I know.
The “BEGIN PGP PUBLIC KEY BLOCK” stuff is part of what is called “ASCII-armoring”. GPG stores the keys in your keyring in a binary format, which isn’t all that easy to copy and paste into an email or post on a web forum. So, when we exported our public key earlier, that “-a” option is what told GPG to export the key in a text-based format instead.
Well, I think that’s enough to start out with. I encourage all of you to try this, and feel free to ask questions. By all means, post your public keys so I can add them to my keyring.
After I get one of your public keys, I’ll write another post on how to encrypt and/or sign files.
Hi guys, I went through a patch of distro update woes… finally solved it by downloading and burning the 9.10 LiveCD and install over my old system. It took a day to get everything back to the way it was, but I found something fun during the process.
Behold, Stellarium
I have never met another stellatography software so intuitive and pretty before.
Just go to Ubuntu Software Center (or the equivalent for whatever distro) and install it.
Cool, they have a Windows version too. You should make a new thread about Stellarium.
This’d be the best place to ask… how would one go about installing Ubuntu on a second hard drive and dual booting with Vista?
I can build electronic devices like a demon, but… operating systems? WHAT!? HOW DOES…? WHAT? I’M 'FRAID!
I had a long response typed up, but then I realized that it’s really quite complicated if you’ve never worked with Linux before. It’s something I’m more comfortable showing someone when I’m there with them than coaching them on a web forum, ESPECIALLY if this is your primary computer.
Are you at least familiar with the installation process? If not, I would try installing Ubuntu in a virtual machine using VirtualBox.
http://helpdeskgeek.com/linux-tips/how-to-install-ubuntu-in-virtualbox/
hansioux, did you ever get a chance to mess around with GPG?
i did. and while i was getting it set up, i remembered a couple of years ago, someone was telling me about how e-mails should be protected with public key and private key to replace the current system.
my question is, is sharing the public key the only option? or is there some other way to allow a more organic flow of sharing stuff?
The easiest way is to test out Ubuntu using Wubi
This is an officially supported option. It will install Ubuntu straight from Windows. With this method, you can even uninstall Ubuntu later via the Windows Install/Remove software option. The downside of this is, it will use the NTFS or FAT32 hard drive systems that already come with your Windows. You can’t take advantage of the more advanced EXT4 file system that is part of Ubuntu.
You can even follow this guide for Vista
http://seogadget.co.uk/how-to-install-ubuntu-using-wubi-from-windows-vista/
Now if you want to set up Ubuntu, it really isn’t that difficult either once you know what your setup is.
You have a computer with 2 hard drives. You want to install Ubuntu on the second hard drive. But you didn’t specify which one of the two possibilities:
- The first hard drive runs Vista. And the second hard drive is free to be allocated entirely to Ubuntu.
or
- Another OS on the first hard drive. The second hard drive is not all free for Ubuntu, and you have to share it. Either because there are files on there you want to keep or Vista is already running on that hard drive.
In either case, download the iso for Ubuntu Live CD. Burn it to a CD, or create a Ubuntu Boot USB with the iso.
If you have an entire hard drive dedicated to Ubuntu, it’s rather simple. Just run the Boot CD or USB from boot, and go through the installer. And dedicate the entire hard drive to Ubuntu. Just dedicate twice the size of your RAM as SWAP, and you are set.
Example for case 1:
Your first hard drive is likely to be named SDA and your second hard drive is likely to be named SDB in Linux, and you have 2G of RAM.
Select SDB, allocate 4G for SWAP, and even this probably isn’t necessary. Go through the setup, pretty much yes to everything. And you will have it all set up.
When you have to share the hard drive, I would run a De-fragmentation on my hard drives before installing. That way you’ll have the largest continuous space for Ubuntu.
And then during the disk allocation part, select your second hard drive, and use the largest continuous space. Then click through the rest.
There is such a thing as publishing one’s public key on a keyserver, where it can be retrieved by anyone using gpg/pgp using a simple command.
I am having a problem with playing .wmv files on VLC.
Especially those .wmv files that i made from Sony Vegas. It’s kind of weird not being able to view videos that i made myself. I get:
No suitable decoder module:
VLC does not support the audio or video format “wmap”. Unfortunately there is no way for you to fix this.
VLC page said they don’t support it, and one has to compile themselves to get it working. Is that the only way to view .wmv (3) files?
It seems to work on every other player on Ubuntu. It works on SMplayer, Mplayer, Movie Player (i guess they have the same core). But the problem with the Movie Player based players is that when you fast forward, it tends to hang…
hansioux - Do you have the ubuntu-restricted-extras metapackage installed?
yes, i think version 36
Hmm… To my knowledge that’s supposed to provide the needed codecs. Or at least it once did.
Can’t say I use VLC all that much, I usually end up using mplayer via the command-line to play videos, and once in a great while I end up using Totem if I need a GUI.
After doing a bit of digging, it appears that this codec isn’t supported yet in VLC, but I saw something on a web forum that said the Windows and Linux ports of VLC 1.0.0+ can utilize a Windows DLL called wma9dmod.dll. Here’s a link to a Google search, you should be able to grab this file easily. Now, where to put it is an entirely different story. The forum posts were telling people to put the file in a plugins directory, but this was for the Windows version. I guess you can check your home directory for a .vlc directory and check and see if there’s a plugins directory there. If not, maybe there’s a system-wide location. Or, you could try throwing it in /usr/lib/codecs (create this directory if it doesn’t exist). Some media players look in /usr/lib/win32 for codecs instead, so you can do the following from a terminal:
sudo mkdir /usr/lib/codecs
sudo ln -s /usr/lib/codecs /usr/lib/win32
sudo cp wma9dmod.dll /usr/lib/codecs/
No real guarantee that any of that will do anything, but it’s worth a shot I guess.
amazingly sometime long in the past i guess i have copied that file to /usr/lib/codecs already, i don’t even remember that. it didn’t work, but i guess it’s fine. I have smplayer for now.
thanks for the help. i’m glad there are linux experts here on the forum. i am liking linux more and more, rarely do i reboot to windows now. i’ve even upgraded to grub2 and applied Burg for the graphical login, and solved the slow start problem.
right now i am trying to figure out ibus… specifically, how to write an IME for ibus
Cool. There are always new things to learn. For example, I’m trying to teach myself to write udev rules that will run scripts when I plug in specific USB devices. Only problem is that it seems that less specific information is logged when a device is unplugged, so I can get it to work when I plug in the device, but not when I unplug it.
MercuryShadow, since you are the one who introduced me to gnome do, i realized that gnome do isn’t functioning recently in Karmic. It would start, but as soon as i start typing into it, it would crash, have you noticed the same thing?
Yeah, this seems to be a bug in 0.8.2.x. I’ve seen the same thing happen both in Fedora and in Arch Linux.
Another behavior I have seen in both Fedora and Arch is that when you first log in and try to launch gnome-do with your hotkey, nothing you type in matches anything. Quitting and restarting gnome-do seems to solve the problem.
Guess we’ll just have to wait for a future version to resolve this.
After discussing pros and cons of Gnome and KDE in the show your desktop thread, I decided to try installing KDE/kubuntu on top of my existing ubuntu and give it another try. Since the last time I tried KDE was 4.1, and I heard a lot of good things have happened since 4.3.
But I was still not happy with it. It takes long to load, is less responsive meaning it has a tiny lag time between clicking and reacting. And when I tried to add the show desktop widget to the panel, it crashed. Sure it recovered after a black screen, but without the show desktop button, the desktop is almost alien to me… On top of that, the Asian text is still horrible…
To my horror, when I switch back to gnome, I discovered now even my Asian Text in gnome is messed up. Changing the settings in Appearance has no effect. Strangely, my mouse pointer on my desktop always uses the Oxygen pointer, despite other pointers being selected in Appearance…
I guess that’s the last time I dare try KDE again…