LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page GPG / PGP subkeys
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 05-21-2006, 12:19 AM   #1
wwnexc
Member
 
Registered: Sep 2005
Location: California
Distribution: Slackware & Debian
Posts: 264

Rep: Reputation: 30
Post GPG / PGP subkeys

Hi,

I have been using gpg for a while now. It works nicely and reliably. I have been using one and the same RSA key for signing and having messages encrypted to so far.

I am wondering how the subkeys work.

- What is the point of subkeys?
- What happens if i have more than 1 subkey? Can the user choose to which one to encrypt to (didn't work for me YET), or is it automatically encrypted to all of them? Or...?
- What else is there that is valuable to know as to how they work technically (what is encrypted / signed how) and practically, as in who gets what and can do what....


THANK YOU
 
Old 05-21-2006, 01:54 PM   #2
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 13.37
Posts: 4,089

Rep: Reputation: 136Reputation: 136
If you're using the term subkey the same way the gpg folks are (and I expect you are), then the info at http://www.gnupg.org/gph/en/manual.html#AEN526 should help.

Basically you have a master signing key that you never want to expire. The encryption subkey usually has a finite life so that if it is broken, an attacker can only decrypt information with the old key. They also state that it is only useful to have one valid enctyption subkey on a keyring since no additional security is added by having more on the one keyring.

There's a lot more general info in the GNU Privacy Handbook, I recommend having a look there. Mostly so I don't paraphrase incorrectly...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
bash & gpg/pgp rblampain Programming 3 08-16-2005 01:03 AM
KMail and PGP/GPG not working - doesn't ask for passphrase steve1401 Linux - General 2 02-08-2005 06:42 AM
Pgp Ruishanko Linux - Newbie 13 10-07-2004 03:59 PM
How does GPG relate to PGP? davee Linux - Security 1 02-20-2004 07:52 AM
gpg / pgp encryption pteren Linux - Software 8 07-26-2003 03:14 AM


All times are GMT -5. The time now is 09:41 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration