Find the answer to your Linux question:
Results 1 to 6 of 6
Hello, i tried to generate key using linux command "gpg --gen-key". And it prompted my details about key, and after confirmed password, it started and then outputted like: Now it ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    323

    How long does it take RSA key generate? What my key then?


    Hello, i tried to generate key using linux command "gpg --gen-key".

    And it prompted my details about key, and after confirmed password, it started and then outputted like:



    Now it is alot of time and im unsure if it is all or we are waiting for the end of generation?

    Then software which uses the key to encrypt files have this command:
    Code:
    duplicity --encrypt-key="YOUR-KEY" /home scp://user@backup.server.com/directory
    So im curious what is actually that YOUR-KEY value in my case? thx
    "Avoid the Gates of Hell. Use Linux affordable VPS."

  2. #2
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    looks like your system is having trouble generating enough entropy. see this thread.

    as to how long it will take, that depends on the hardware. some CPUs have hardware RNGs, support for them has to be enabled in the kernel, of course...though their trustworthiness might be suspect, depending on who you ask.

    in the mury past, i recall once using software that generated white noise from the sound card to seed the RNG, pretty cool idea that was.

  3. #3
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    323
    please how do i know that stupid key generation completed? it appears now it finished and shown command line. but i dont see any message like key gen completed your key file is: xxx
    "Avoid the Gates of Hell. Use Linux affordable VPS."

  4. #4
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    Quote Originally Posted by postcd View Post
    please how do i know that stupid key generation completed? it appears now it finished and shown command line. but i dont see any message like key gen completed your key file is: xxx
    yeah, they don't spit out a nice message like that. by default, your keys will have been put in the GPG homedir of ~/.gnupg/, and the files are:

    pubring.gpg
    secring.gpg
    trustdb.gpg

    the output you should get (from a successful gpg --gen-key command) will be your pubkey id and fingerprint.
    Last edited by atreyu; 05-08-2014 at 07:53 PM. Reason: changed ~/.gpg to ~/.gnupg

  5. #5
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    323
    thx, i found it in /root/.gnupg

    So when i have command:
    duplicity --encrypt-key="YOUR-KEY" /home scp://user@backup.server.com/directory
    what should i input instead of YOUR-KEY ?

    The duplicity man page:
    --encrypt-key key-id
    When backing up, encrypt to the given public key, instead of using symmetric (traditional) encryption. Can be specified multiple times. The key-id can be given in any of the formats supported by GnuPG; see gpg(1) , section "HOW TO SPECIFY A USER ID" for details.
    root@* [~/.gnupg]# ls -la
    total 68
    drwx------ 3 root root 4096 May 6 13:56 ./
    dr-xr-x--- 19 root root 4096 May 8 15:13 ../
    -rw------- 1 root root 7856 Apr 20 10:18 gpg.conf
    drwx------ 2 root root 4096 May 4 16:27 private-keys-v1.d/
    -rw------- 1 root root 12360 May 6 13:40 pubring.gpg
    -rw------- 1 root root 12360 May 6 13:40 pubring.gpg~
    -rw------- 1 root root 600 May 6 13:40 random_seed
    -rw------- 1 root root 5160 May 6 13:40 secring.gpg
    -rw------- 1 root root 1360 May 6 13:40 trustdb.gpg
    ---
    Update: i think it can be the string that i obfuscated in the image of my first post. the one which starts: pub
    Last edited by postcd; 05-08-2014 at 07:58 PM.
    "Avoid the Gates of Hell. Use Linux affordable VPS."

  6. #6
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    Quote Originally Posted by postcd View Post
    what should i input instead of YOUR-KEY ?
    according to the man page you cited - gpg(1) - there are a number of ways to specify the ID.

    the easiest would be either the key id or the email address. to confirm what yours is, just do:

    Code:
    gpg --list-keys
    the first entry, your key, should have a pub, uid, and sub line for it. e.g.:

    Code:
    pub   1024D/1234567F 2012-08-22
    uid                  joe blow <joeblow@example.com>
    sub   2048g/F7654321 2012-08-22
    using the above example, you could use "jow blow", joeblow@example.com, or 1234567F as YOUR-KEY (as far as I can tell - i've never used duplicity).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •