tailieunhanh - Open Source Security Tools : Practical Guide to Security Applications part 33

Open Source Security Tools : Practical Guide to Security Applications part 33. Few frontline system administrators can afford to spend all day worrying about security. But in this age of widespread virus infections, worms, and digital attacks, no one can afford to neglect network defenses. Written with the harried IT manager in mind, Open Source Security Tools is a practical, hands-on introduction to open source security tools. | Page 299 Thursday June 24 2004 11 12 PM Types of Encryption 299 Decrypting Files To use GnuPG to decrypt files you have received use the following command gpg --output --decrypt where is the resulting file name you want and is the encrypted file. You must have the private key for the user it was encrypted for on your secret ring. This prompts you for the pass-phrase and once you have entered it correctly GnuPG produces the decrypted file. Signing Files As mentioned earlier another use of GnuPG and PGP is signing documents to verify their integrity. You can do this by issuing the following command gpg --output --sign Replace with the resulting output filename you want and with the file you want signed. This command signs and encrypts the document and produces the output file . When it is decrypted GnuPG will also verify the document. You can verify a file with the following command gpg --verify where is the encrypted file you want to verify. You can also create signatures separate from the file if you want users without GnuPG to be able to access them but still want to include the signature. There are two commands for this. The command gpg --clearsign creates a text addendum to the file with the signature. If you don t want to alter the file you can create a separate signature file with the command gpg --output --detached-sig The PGP GnuPG Web of Trust Model As mentioned earlier rather than use a hieratical trust system like digital certificates and their central certificate authority PGP and GnuPG use a web of trust model. By signing the keys of people you know you can verify that their key is worthy of trust. And if they sign other people s keys who you don t know directly you create a chain of trust. The model is based on the idea of any friend of yours is a friend of mine. Granted this model doesn t work .

TỪ KHÓA LIÊN QUAN