Membuat Kunci GPG

• paket gnupg yang sudah terpasang pada sistem Debian

1. Jalankan perintah

   gpg --gen-key

2. Pilih kunci

   Please select what kind of key you want:
      (1) DSA and Elgamal (default)
      (2) DSA (sign only)
      (5) RSA (sign only)
   Your selection?
   DSA keypair will have 1024 bits.
   ELG-E keys may be between 1024 and 4096 bits long.

3. Pilih ukuran kunci

   What keysize do you want? (2048)
   Requested keysize is 2048 bits

4. Tentukan kadaluarsa kunci GPG

   Please specify how long the key should be valid.
            0 = key does not expire
         <n>  = key expires in n days
         <n>w = key expires in n weeks
         <n>m = key expires in n months
         <n>y = key expires in n years
   Key is valid for? (0) 12m
   Key expires at Mon 03 Jan 2011 08:20:24 AM UTC
   Is this correct? (y/N) y

5. Masukkan informasi yaitu nama lengkap, surel, dan catatan

   You need a user ID to identify your key; the software constructs the user ID
   from the Real Name, Comment and Email Address in this form:
       "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
   
   Real name: Iwan Setiawan
   Email address: stwn[@]kuliax[.]org
   Comment: stwn
   You selected this USER-ID:
       "Iwan Setiawan (stwn) <stwn[@]kuliax[.]org>"
   
   Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

6. Masukkan kalimat kunci

   You need a Passphrase to protect your secret key.
   
   We need to generate a lot of random bytes. It is a good idea to perform
   some other action (type on the keyboard, move the mouse, utilize the
   disks) during the prime generation; this gives the random number
   generator a better chance to gain enough entropy.
   ++++++++++..++++++++++..+++++++++++++++..++++++++++.+++++++++++++++++++++++++..++
   +++.+++++..+++++.+++++++++++++++++++++++++++++++++++.+++++.+++++.+++++>+++++.....
   .................................................................................
   ..................................................+++++
   We need to generate a lot of random bytes. It is a good idea to perform
   some other action (type on the keyboard, move the mouse, utilize the
   disks) during the prime generation; this gives the random number
   generator a better chance to gain enough entropy.
   .+++++++++++++++.++++++++++...+++++.+++++++++++++++.+++++.++++++++++..+++++++++++
   +++++++++..+++++++++++++++.++++++++++...++++++++++++++++++++.++++++++++++++++++++
   >+++++..+++++>.+++++.....+++++^^^
   gpg: key XXXXXXXX marked as ultimately trusted
   public and secret key created and signed.
   
   gpg: checking the trustdb
   gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
   gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
   gpg: next trustdb check due at 2011-01-03
   pub   1024X/XXXXXXXX 2010-01-08 [expires: 2011-01-03]
         Key fingerprint = 5X70 93X5 756A XXXX 4164  8264 6X87 232X X2X1 6887
   uid                  Iwan Setiawan (stwn) <stwn[@]kuliax[.]org>
   sub   2048x/4XXX3954 2010-01-08 [expires: 2011-01-03]

Pada proses membangun, debuild akan memeriksa kunci yang sesuai dengan nama pembuat perubahan pada paket dan akan meminta melakukan tanda tangan terhadap .dsc dan .changes

Jalankan perintah:

gpg --export -a "Iwan Setiawan" > stwn.pub.asc

gpg --edit-key maintainer@kuliax.org passwd

• Lihat daftar kunci

  gpg --list-key

  pub   1032C/3F5BHCG 2010-01-01 [expires: 2011-01-01]
  uid                  Iwan Setiawan <stwn[@]kuliax[.]org>
  sub   2048x/26397X32 2010-01-01 [expires: 2011-01-01]

• Hapus kunci

  gpg --delete-secret-and-public-key 3F5BHCG