To exchange encrypted messages with other users, you must first generate your own key pair. One part of it—the public key—is distributed to your communication partners, who can then use it to encrypt the files or e-mail messages they send. The other part of the key pair—the private key—is used to decrypt the encrypted contents.
The public key is intended for the public and should be distributed to all your communication partners. However, only you should have access to the private key. Do not grant other users access to this data.
OpenPGP is a non-proprietary protocol for encrypting e-mail with the use of public key cryptography based on PGP. It defines standard formats for encrypted messages, signatures, private keys and certificates for exchanging public keys.
Click + + + .
Click + .
Select , then click .
Specify your full name, e-mail address, and any additional information.
(Optional) Click to specify the following advanced options for the key.
Encryption Type: Specifies the encryption algorithms used to generate your keys. is the recommended choice because it lets you encrypt, decrypt, sign, and verify as needed. Both and allow only signing.
Key Strength: Specifies the length of the key in bits. The longer the key, the more secure it is (provided a strong passphrase is used), but keep in mind that performing any operation with a longer key requires more time than it does with a shorter key. Acceptable values are between 1024 and 4096 bits. At least 2048 bits is recommended.
Expiration Date: Specifies the date at which the key will cease to be usable for performing encryption or signing operations. You will have to either change the expiration date or generate a new key or subkey after this amount of time passes. Sign your new key with your old one before it expires to preserve your trust status.
Click to create the new key pair.
The dialog box opens.
Specify the passphrase twice for your new key, then click .
When you specify a passphrase, use the same practices you use when you create a strong password. The main difference between a password and a passphrase is that spaces are valid characters in a passphrase.
Secure Shell (SSH) is a method of logging in to a remote computer to execute commands on that machine. SSH keys are used in a key-based authentication system as an alternative to the default password authentication system. With key-based authentication, there is no need to manually type a password to authenticate.
Click + + + .
Click + .
Select , then click .
Specify a description of what the key is to be used for. You can use your e-mail address or any other reminder.
(Optional) Click to specify the following advanced options for the key.
Encryption Type: Specifies the encryption algorithms used to generate your keys. Select to use the Rivest-Shamir-Adleman (RSA) algorithm to create the SSH key. This is the preferred and more secure choice. Select to use the Digital Signature Algorithm (DSA) to create the SSH key.
Key Strength: Specifies the length of the key in bits. The longer the key, the more secure it is (provided a strong passphrase is used), but keep in mind that performing any operation with a longer key requires more time than it does with a shorter key. Acceptable values are between 1024 and 4096 bits. At least 2048 bits is recommended.
Click to create the new key, or click to create the key and set up another computer to use for authentication.
Specify the passphrase for your new key, click , then repeat.
When you specify a passphrase, use the same practices you use when you create a strong password. The main difference between a password and a passphrase is that spaces are valid characters in a passphrase.
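The following is an added example, not part of the original documentation: it reads an OpenSSH public key line and checks it against the Encryption Type and Key Strength guidance above (RSA preferred over DSA, at least 2048 bits). The function names and the sample key are assumptions made for illustration; the sample is a constructed, well-formed blob and not a usable key.

```python
import base64

MIN_BITS = 2048  # minimum key strength the page recommends


def _read_field(blob, offset):
    """Read one SSH wire-format field: 4-byte big-endian length, then data."""
    length = int.from_bytes(blob[offset:offset + 4], "big")
    end = offset + 4 + length
    if offset + 4 > len(blob) or end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end


def audit_public_key(line):
    """Return (key_type, bits, verdict) for one OpenSSH public key line."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(parts[1], validate=True)
    name, off = _read_field(blob, 0)
    key_type = name.decode("ascii")
    if key_type != parts[0]:
        raise ValueError("key type label does not match key blob")
    if key_type == "ssh-rsa":
        _e, off = _read_field(blob, off)          # public exponent
        size_field, off = _read_field(blob, off)  # modulus n
    elif key_type == "ssh-dss":
        size_field, off = _read_field(blob, off)  # prime p
    else:
        return key_type, None, "not covered by this check"
    bits = int.from_bytes(size_field, "big").bit_length()
    if key_type == "ssh-dss":
        verdict = "DSA key: the page prefers RSA"
    elif bits < MIN_BITS:
        verdict = "weak: below %d bits" % MIN_BITS
    else:
        verdict = "ok"
    return key_type, bits, verdict


def make_sample_rsa_line(bits):
    """Constructed sample: well-formed blob; the 'modulus' is NOT a real RSA modulus."""
    def field(data):
        return len(data).to_bytes(4, "big") + data
    def mpint(value):
        return field(value.to_bytes(value.bit_length() // 8 + 1, "big"))
    blob = field(b"ssh-rsa") + mpint(65537) + mpint((1 << (bits - 1)) | 1)
    return "ssh-rsa " + base64.b64encode(blob).decode("ascii") + " constructed"
```

To audit real keys, pass each line of a `.pub` file or an `authorized_keys` file to `audit_public_key`; only the public half of the key pair is needed.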