Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm thinking in sending email with PGP, but I've a question.
If I cipher an email using PGP and send to someone, the receiver has to decipher the email with a public key. How the recipient receives the key to decipher the email?
So if I send a ciphered mail to someone, I need the recipient public key?
Absolutely.
Quote:
Originally Posted by xeon123
If so, I think that PGP is not very easy and practical to use, because I can only send ciphered message to someone that created a public key.
Look at it this way: how can you (effectively) encipher a message without a key? Same problem would apply with symmetric encryption, except those keys are more difficult to safely distribute.
But PGP implies that someone must have already the recipients public key. From what I understood from the previous mail is that, I can't send a ciphered mail to someone for the first time that I contact him, and if the recepient doesn't use PGP, I also can't send ciphered mail.
This why I think that PGP is not very pratical. Right?
What you say has nothing to do with PGP in particular.
Why would you want to encipher an email? Because you want only the intended recipient to be able to read that mail and nobody else shall be able to decrypt the message successfully. So the recipient and you must have exchanged some sort of secret like a special cipher algorithm or a key to use for ciphering or a special hardware or something.
Of course, you can't send a ciphered mail to someone you have never exchanged a secret with. If no such secret would be needed to decipher your mail, anybody would be able to do it.
So, to send encrypted mails to somebody, you first send her/him an unencrypted email containing your public key. The recipient verifies, that the received public key really belongs to you, maybe by calling you on the phone or so. Then she/he sends her/his public key in return. Now that you both have the public key of each other, you encrypt mails to her/him with the public key you received and she/he uses your public key.
To make the initial key exchange a little bit easier, public key servers are available. Once you've created you public/private key pair, you can upload your public key to those servers. If someone want's to send you an encrypted email, she/he can search on the servers for your public key by typing your email address.
So imagine, that someone (Eve) found that user Alice uses PGP.
Eve can monitoring Alice communications 24/7 to get the public key. After Eve get the public key from Alice, she can decipher all the mail that Alice will send.
If this is right, PGP is not really useful. Right?
No, that's wrong. Remember you have a pair of keys, the public one which everybody can have free access to and your private one, which only you have and which you'll never ever give to anybody else.
Everybody can encrypt mails with your public key, but only you will be able to decrypt them, because you are the only one who has the _private_ key which is required for that operation.
Eve may get the public key of Alice from a key server as well without the need of monitoring Alice's traffic or she can even ask Alice for her public key and it's perfectly safe for Alice to give it to her. Eve can send encrypted messages to Alice then but only Alice will be able to decrypt them, because only Alice has the private key that matches her public one.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.