# Azamat H. Hackimov , 2010. msgid "" msgstr "" "Project-Id-Version: \n" "POT-Creation-Date: 2010-10-21 23:56+0600\n" "PO-Revision-Date: 2010-02-09 00:59+0500\n" "Last-Translator: Azamat H. Hackimov \n" "Language-Team: Russian \n" "Language: ru\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" "X-Generator: Lokalize 1.0\n" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):6 msgid "GnuPG Gentoo User Guide" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(author:title):8 msgid "Author" msgstr "автор" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(mail:link):9 msgid "humpback@gentoo.org" msgstr "humpback@gentoo.org" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(mail):9 msgid "Gustavo Felisberto" msgstr "Gustavo Felisberto" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(author:title):11 #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(author:title):14 msgid "Editor" msgstr "редактор" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(mail:link):12 msgid "zhen@gentoo.org" msgstr "zhen@gentoo.org" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(mail):12 msgid "John P. Davis" msgstr "John P. Davis" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(mail:link):15 msgid "swift@gentoo.org" msgstr "swift@gentoo.org" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(mail):15 msgid "Sven Vermeulen" msgstr "Sven Vermeulen" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(abstract):18 msgid "" "This small guide will teach you the basics of using GnuPG, a tool for secure " "communication." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(version):27 #, fuzzy msgid "1.13" msgstr "1.12" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(date):28 msgid "2010-06-13" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):31 msgid "Introduction" msgstr "Введение" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):33 msgid "What you will get in this guide" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):36 msgid "" "This guide assumes that you are familiar with public-key cryptography, " "encryption, and digital signatures. If this is not the case jump to Public Key Cryptography or take a look at the GnuPG handbook, chapter 2, and then come back." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):44 msgid "" "This guide will teach you how to install GnuPG, how to create your key pair, " "how to add keys to your keyring, how to submit your public key to a key " "server and how to sign, encrypt, verify or decode messages you send or " "receive. You will also learn how to encrypt files on your local computer to " "prevent people from reading their contents." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):55 msgid "Installation of required software" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):58 msgid "" "At a very basic level you need to emerge gnupg. Many aplications " "today have some sort of support for gpg, so having crypt in your USE " "variable is probably a good idea. If you wish to have an email client " "capable of using gnupg you can use pine (emerge pinepgp), mutt " "(emerge mutt), Mozilla Thunderbird (emerge thunderbird), " "evolution (evolution is a GNOME Microsoft Outlook work alike) and KDE's own " "KMail (KMail is part of the kdepim package)." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):68 msgid "" "Kgpg might interest you if you use KDE. This small program allows you " "to generate key pairs, import keys from ASCII files, sign imported keys, " "export keys and a few more features." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):79 msgid "Generating your key and adding keys to your public keyring" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):81 msgid "Creating your key" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):84 msgid "" "To create your key, just run gpg --gen-key. The first time you run " "it, it will create some directories; run it again to create the keys:" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):89 msgid "key generation process" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):89 #, no-wrap msgid "" "\n" "$ gpg --gen-key\n" "gpg (GnuPG) 1.0.7; Copyright (C) 2002 Free Software Foundation, Inc.\n" "This program comes with ABSOLUTELY NO WARRANTY.\n" "This is free software, and you are welcome to redistribute it\n" "under certain conditions. See the file COPYING for details.\n" "\n" "Please select what kind of key you want:\n" " (1) DSA and ElGamal (default)\n" " (2) DSA (sign only)\n" " (4) ElGamal (sign and encrypt)\n" " (5) RSA (sign only)\n" " Your selection? 1\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):104 msgid "" "Here you can choose the type of key you want to use. Most users will go for " "the default DSA and ElGamal. Next is the key size - remember that bigger is " "better but don't use a size larger than 2048 with DSA/ElGamal keys. " "Generally 1024 is more than enough for normal email." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):111 msgid "" "After size comes the expiration date. Here smaller is better, but most users " "can go for a key that never expires or to something like 2 or 3 years." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):116 msgid "Choosing key size" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):116 #, no-wrap msgid "" "\n" "DSA keypair will have 1024 bits.\n" "About to generate a new ELG-E keypair.\n" " minimum keysize is 768 bits\n" " default keysize is 1024 bits\n" " highest suggested keysize is 2048 bits\n" " What keysize do you want? (1024) 2048\n" "Requested keysize is 2048 bits \n" "Please specify how long the key should be valid.\n" " 0 = key does not expire\n" " <n>= key expires in n days\n" " <n>w = key expires in n weeks\n" " <n>m = key expires in n months\n" " <n>y = key expires in n years\n" " Key is valid for? (0) 0\n" "Key does not expire at all\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):134 msgid "" "Now it is time to enter some personal information about yourself. If you are " "going to send your public key to other people you have to use your real " "email address here." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):140 msgid "Entering user information" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):140 #, no-wrap msgid "" "\n" "Is this correct (y/n)? y\n" " \n" "You need a User-ID to identify your key; the software constructs the user id\n" "from Real Name, Comment and Email Address in this form:\n" "\"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>\"\n" "\n" "Real name: John Doe\n" "Email address: john@nowhere.someplace.flick\n" "Comment: The Real John Doe\n" "You selected this USER-ID:\n" "\"John Doe (The Real John Doe) <john@nowhere.someplace.flick>\"\n" "\n" "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O \n" "You need a Passphrase to protect your secret key. \n" "\n" "Enter passphrase: \n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):159 msgid "" "Now enter your key passphrase twice. It is a good idea to use a strong " "password. If someone ever gets hold of your private key and cracks your " "password, they will be able to send messages signed by \"you\", making " "everyone believe the mails were sent by you." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):166 msgid "" "Next, GnuPG will generate your key. Moving the mouse or having a mp3 playing " "in the background will help speed up the process because it generates random " "data." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):174 msgid "Generating a revocation certificate" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(impo):177 msgid "This part is very important and you must do it NOW." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):181 msgid "" "After creating your keys you should create a revocation certificate. Doing " "this allows you to revoke your key in case something nasty happens to your " "key (someone gets hold of your key/passphrase)." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):187 msgid "Generating revoke certificate" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):187 #, no-wrap msgid "" "\n" "$ gpg --list-keys\n" "/home/humpback/.gnupg/pubring.gpg\n" "---------------------------------\n" "pub 1024D/75447B14 2002-12-08 John Doe (The Real John Doe) <john@nowhere.someplace.flick>\n" "sub 2048g/96D6CDAD 2002-12-08\n" "\n" "$ gpg --output revoke.asc --gen-revoke 75447B14\n" "\n" "sec 1024D/75447B14 2002-12-08 John Doe (The Real John Doe) <john@nowhere.someplace.flick>\n" "\n" "Create a revocation certificate for this key? y\n" "Please select the reason for the revocation: \n" " 0 = No reason specified\n" " 1 = Key has been compromised\n" " 2 = Key is superseded\n" " 3 = Key is no longer used\n" " Q = Cancel\n" "(Probably you want to select 1 here)\n" "Your decision? 1\n" "Enter an optional description; end it with an empty line:\n" "> Someone cracked me and got my key and passphrase\n" ">\n" "Reason for revocation: Key has been compromised\n" "Someone cracked me and got my key and passphrase\n" "Is this okay? y\n" "\n" "You need a passphrase to unlock the secret key for\n" "user: \"John Doe (The Real John Doe) <john@nowhere.someplace.flick>\"\n" "1024-bit DSA key, ID 75447B14, created 2002-12-08\n" "\n" "ASCII armored output forced.\n" "Revocation certificate created.\n" "\n" "Please move it to a medium which you can hide away; if Mallory gets\n" "access to this certificate he can use it to make your key unusable.\n" "It is smart to print this certificate and store it away, just in case\n" "your media become unreadable. But have some caution: The print system of\n" "your machine might store the data and make it available to others!\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):228 msgid "" "The gpg --list-keys command lists keys in your public keyring. You " "may use it to see the ID of your key so that you can create the revocation " "certificate. Now it is a good idea to copy all the .gnupg directory and the " "revocation certificate (in ASCII armor - revoke.asc) to some " "secure medium (two floppy's or a CD-R you store in safe location). Remember " "that revoke.asc can be used to revoke your keys and make them " "unusable in the future." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(note):238 msgid "" "If you have several email addresses that you would like to use with this " "key, you can run gpg --edit-key YOUR_ID and then use the adduid command. It will ask you for the name, email and comment of the second ID " "you will be using." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):248 msgid "Exporting keys" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):251 msgid "" "To export your key, you type gpg --armor --output john.asc --export " "john@nowhere.someplace.flick. You can almost always use the key ID or " "something that identifies the key (here we used an email address). John now " "has a john.asc that he can send his friends, or place on his " "web page so that people can communicate safely with him." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):262 msgid "Importing keys" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):265 msgid "" "To add files to your public keyring, you must first import it, then check " "the key fingerprint. After you have verified the fingerprint you should " "validate it." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(note):270 msgid "" "You should be careful when verifying keys. This is one of the weak points of " "public key cryptography." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):275 msgid "" "Now we will be adding Luis Pinto's (a friend of mine) public key to our " "public keyring. After giving him a call and asking him for his key " "fingerprint, I compare the fingerprint with the output of the fpr " "command. As the key is authentic, I add it to the public keyring. In this " "particular case, Luis's key will expire in 2003-12-01 so I am asked if I " "want my signature on his key to expire at the same time." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):284 msgid "Importing and signing keys" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):284 #, no-wrap msgid "" "\n" "$ gpg --import luis.asc\n" "gpg: key 462405BB: public key imported\n" "gpg: Total number processed: 1\n" "gpg: imported: 1\n" "$ gpg --list-keys\n" "/home/humpback/.gnupg/pubring.gpg\n" "---------------------------------\n" "pub 1024D/75447B14 2002-12-08 John Doe (The Real John Doe) <john@nowhere.someplace.flick>\n" "sub 2048g/96D6CDAD 2002-12-08\n" "\n" "pub 1024D/462405BB 2002-12-01 Luis Pinto <lmpinto@student.dei.uc.pt>\n" "uid Luis Pinto <lmpinto@dei.uc.pt>\n" "sub 4096g/922175B3 2002-12-01 [expires: 2003-12-01]\n" "\n" "$ gpg --edit-key lmpinto@dei.uc.pt\n" "gpg (GnuPG) 1.0.7; Copyright (C) 2002 Free Software Foundation, Inc.\n" "This program comes with ABSOLUTELY NO WARRANTY.\n" "This is free software, and you are welcome to redistribute it\n" "under certain conditions. See the file COPYING for details.\n" "\n" "\n" "gpg: checking the trustdb\n" "gpg: checking at depth 0 signed=0 ot(-/q/n/m/f/u)=0/0/0/0/0/1\n" "pub 1024D/462405BB created: 2002-12-01 expires: 2003-12-01 trust: -/-\n" "sub 4096g/922175B3 created: 2002-12-01 expires: 2003-12-01\n" "(1) Luis Pinto <lmpinto@dei.uc.pt>\n" "(2). Luis Pinto <lmpinto@student.dei.uc.pt>\n" "\n" "Command> fpr\n" "pub 1024D/462405BB 2002-12-01 Luis Pinto <lmpinto@dei.uc.pt>\n" " Fingerprint: F056 3697 ADE3 CF98 B80B 8494 0AD3 E57B 4624 05BB\n" " \n" "Command> sign\n" "Really sign all user IDs? y\n" " \n" "pub 1024D/462405BB created: 2002-12-01 expires: 2003-12-01 trust: -/-\n" " Fingerprint: F056 3697 ADE3 CF98 B80B 8494 0AD3 E57B 4624 05BB\n" "\n" " Luis Pinto <lmpinto@dei.uc.pt>\n" " Luis Pinto <lmpinto@student.dei.uc.pt>\n" "\n" "This key is due to expire on 2003-12-01.\n" "Do you want your signature to expire at the same time? (Y/n) Y\n" "How carefully have you verified the key you are about to sign actually belongs\n" "to the person named above? If you don't know what to answer, enter \"0\".\n" "\n" " (0) I will not answer. (default)\n" " (1) I have not checked at all.\n" " (2) I have done casual checking.\n" " (3) I have done very careful checking.\n" "\n" " Your selection? 3\n" "Are you really sure that you want to sign this key\n" "with your key: \"John Doe (The Real John Doe) <john@nowhere.someplace.flick>\"\n" "\n" "I have checked this key very carefully.\n" "\n" "Really sign? y\n" " \n" "You need a passphrase to unlock the secret key for\n" "user: \"John Doe (The Real John Doe) <john@nowhere.someplace.flick>\"\n" "1024-bit DSA key, ID 75447B14, created 2002-12-08\n" "\n" "Command> check\n" "uid Luis Pinto <lmpinto@dei.uc.pt>\n" "sig!3 462405BB 2002-12-01 [self-signature]\n" "sig!3 75447B14 2002-12-08 John Doe (The Real John Doe) <john@nowhe\n" "uid Luis Pinto <lmpinto@student.dei.uc.pt>\n" "sig!3 462405BB 2002-12-01 [self-signature]\n" "sig!3 75447B14 2002-12-08 John Doe (The Real John Doe) <john@nowhe\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):362 msgid "Exchanging keys with keyservers" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):364 msgid "Sending keys to keyservers" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):367 msgid "" "Now that you have your key, it is probably a good idea to send it to the " "world key server. There are a lot of keyservers in the world and most of " "them exchange keys between them. Here we are going to send John Doe's key to " "the subkeys.pgp.net server. This uses HTTP, so if you need to use a proxy " "for HTTP traffic don't forget to set it (export http_proxy=http://" "proxy_host:port/). The command for sending the key is: gpg --" "keyserver subkeys.pgp.net --keyserver-options honor-http-proxy --send-key " "75447B14 where 75447B14 is the key ID. If you don't need a HTTP " "proxy you can remove the --keyserver-options honor-http-proxy." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):379 msgid "" "You can also send other people's keys that you have signed to the keyserver. " "We could send Luis Pinto's key to the keyserver. This way someone who trusts " "your key can use the signature that you have placed there to trust Luis's " "key." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):388 msgid "Getting Keys from keyservers" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):391 msgid "" "Now we are going to search for Gustavo Felisberto's key and add it to the " "keyring of John Doe (just in case you did not notice Gustavo Felisberto is " "the author this guide :))." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):397 msgid "Searching keys from keyservers" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):397 #, no-wrap msgid "" "\n" "$ gpg --keyserver subkeys.pgp.net --keyserver-options honor-http-proxy --search-keys humpback@felisberto.net\n" "gpg: searching for \"humpback@felisberto.net\" from HKP server subkeys.pgp.net\n" "Keys 1-5 of 5 for \"humpback@felisberto.net\"\n" "(1)Gustavo Felisberto (apt-get install anarchy) <humpback@felisberto.net> 1024\n" " created 2002-12-06, key B9F2D52A\n" "(2)Gustavo Felisberto <humpback@altavista.net> 1024\n" " created 1999-08-03, key E97E0B46\n" "(3)Gustavo A.S.R. Felisberto <humpback@altavista.net> 1024\n" " created 1998-12-10, key B59AB043\n" "(4)Gustavo Adolfo Silva Ribeiro Felisberto <humpback@altavista.net> 1024\n" " created 1998-08-26, key 39EB133D\n" "(5)Gustavo Adolfo Silva Ribeiro Felisberto <humpback@altavista.net> 1024\n" " created 1998-06-14, key AE02AF87\n" " Enter number(s), N)ext, or Q)uit >1\n" "gpg: requesting key B9F2D52A from HKP keyserver subkeys.pgp.net\n" "gpg: key B9F2D52A: public key imported\n" "gpg: Total number processed: 1\n" "gpg: imported: 1\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):418 msgid "" "As you can see from the server response I have a few keys submitted to the " "key server, but I currently only use B9F2D52A. Now John Doe can get " "it and sign it if he trusts it." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):429 msgid "Using a GPG Agent" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):431 msgid "What is a GPG Agent?" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):434 msgid "" "Sometimes working with certain applications requires you to use your GPG key " "very frequently, which means that you have to type your passphrase a lot of " "times. Several applications used to support a passphrase caching mechanism " "to make life easier for users. However, this disallowed sharing this cache " "across programs (how secure would that be?) and forced applications to " "reinvent the wheel over and over again." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):443 msgid "" "A GPG agent is a separate application that GPG uses to cache the passphrase " "in a standard and secure way. It allows applications to use GPG " "concurrently: if you enter your passphrase while working in one application, " "the other application can work with GPG without reiterating the request for " "the passphrase to unlock the key - if the GPG agent is configured to allow " "so, of course." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):452 msgid "" "Gentoo provides a few GPG agent applications. The app-crypt/gnupg-1.9.* package contains what could be considered the reference one, and will be " "the one we'll use in this document." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):461 msgid "Installing and Configuring gpg-agent and pinentry" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):464 msgid "" "You should install gnupg-1.9.*, which includes gpg-agent, and " "pinentry. pinentry is the helper application that gpg-agent " "uses to request the passphrase in a graphical window. It comes in three " "flavors: it can popup a window using the gtk+, Qt, or curses library " "(depending on the USE flag you set when emerging it)." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):472 msgid "Installing gpg-agent and pinentry" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):472 #, no-wrap msgid "" "\n" "# emerge \\>=gnupg-1.9.20 pinentry\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):476 msgid "" "Next, create a file called ~/.gnupg/gpg-agent.conf and enter " "the following lines which define the default timeout of the passphrase (e.g. " "30 minutes) and the application to be called for when the passphrase should " "be retrieved the first time (e.g. the Qt version of pinentry)." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):483 msgid "Editing ~/.gnupg/gpg-agent.conf" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):483 #, no-wrap msgid "" "\n" "pinentry-program /usr/bin/pinentry-qt\n" "no-grab\n" "default-cache-ttl 1800\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):489 msgid "" "Now configure GnuPG to use an agent when appropriate. Edit ~/.gnupg/" "gpg.conf and add the following line:" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):494 msgid "Configuring GnuPG to use a GPG Agent" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):494 #, no-wrap msgid "" "\n" "use-agent\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):498 msgid "Now your system is (almost) set to use the GPG agent." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):505 msgid "Automatically Starting the GPG Agent" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):508 msgid "" "If you use KDE as graphical environment, edit /usr/kde/3.x/env/agent-" "startup.sh (system-wide) or ~/.kde/env/gpgagent.sh " "(local user) and add the following command to it to have KDE automatically " "starting the GPG agent:" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):515 msgid "Make KDE automatically start the GPG agent" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):515 #, no-wrap msgid "" "\n" "eval \"$(gpg-agent --daemon)\"\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):519 msgid "" "If you use a different graphical environment, put that line (the same one as " "mentioned above) in ~/.xinitrc (if you use startx) or " "~/.xsession (if you use XDM/GDM/KDM/...)." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):530 msgid "Working with documents" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):532 msgid "Encrypting and signing" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):535 msgid "" "Let's say that you have a file that you wish to send Luis. You can encrypt " "it, sign it, or encrypt it and sign it. Encrypting means that only Luis will " "be able to open it. The signature tells Luis that it was really you who " "created the file." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):542 msgid "" "The next three commands will do just that, encrypt, sign and encrypt/sign." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):546 msgid "Encrypting and Signing files" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):546 #, no-wrap msgid "" "\n" "$ gpg --output doc.gpg --encrypt --recipient lmpinto@dei.uc.pt doc_to_encrypt\n" "$ gpg --output doc.gpg --sign --recipient lmpinto@dei.uc.pt doc_to_sign\n" "$ gpg --output doc.gpg --encrypt --sign --recipient lmpinto@dei.uc.pt doc_to_encrypt_and_sign\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):552 msgid "" "This will create binary files. If you wish to create ASCII files, just add a " "--clearsign to the beginning of the command." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):560 msgid "Decrypting and verifying signatures" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):563 msgid "" "Suppose that you have received a file which is encrypted to you. The command " "to decrypt it is gpg --output document --decrypt encrypted_doc.gpg. " "This will decrypt the document and verify the signature (if there is one)." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):572 msgid "Encrypting and decrypting without keys" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):575 msgid "" "It is also possible to encrypt files using passwords instead of keys. Well, " "the password itself will function as the key - it will be used as a " "symmetric cypher. You can encrypt the file using gpg's --" "symmetric argument; decrypting uses the same command as we talked about " "before." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):582 msgid "Encrypting files using a password" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):582 #, no-wrap msgid "" "\n" "$ gpg --output document.gpg --symmetric document\n" "(GnuPG will ask for a passphrase and a passphrase verification)\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):590 msgid "Advanced Features" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):593 msgid "" "There are some nice advanced features in GnuPG. To find them, open the " "~/.gnupg/gpg.conf file." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):598 msgid "~/.gnupg/gpg.conf" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):598 #, no-wrap msgid "" "\n" "#keyserver x-hkp://subkeys.pgp.net\n" "#keyserver-options auto-key-retrieve include-disabled include-revoked\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):603 msgid "" "Search for the above two lines and uncomment them. With this any time GnuPG " "needs to check a signature and it does not find the public key on the local " "keyring it will contact the key server at subkeys.pgp.net and will try to fetch it from there." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):611 msgid "" "Another nice command is gpg --refresh-keys. This will contact the " "keyserver defined in the options file and refresh public keys in your local " "key ring from there, searching for revoked keys, new IDs, and new signatures " "on keys. You should probably run this once or twice a month so that if " "someone revokes his key you will be notified." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):624 msgid "GnuPG interfaces" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):626 msgid "About email signatures" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):629 msgid "" "95% of the time you will use GnuPG with email, signing/encrypting your " "outgoing messages and reading signed/encrypted messages. So it is only fair " "that I talk about that first." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):635 msgid "" "There are two ways two sign/encrypt a email with GnuPG, the old way and the " "new way :). In the old way messages would appear in plain text, with no " "possible formatting and attached files would be unsigned/unencrypted. Here " "is an example of a message signed the old way:" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):642 msgid "A plain text signature" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):642 #, no-wrap msgid "" "\n" "-----BEGIN PGP SIGNED MESSAGE-----\n" "Hash: SHA1\n" "\n" "Test message\n" "\n" "-----BEGIN PGP SIGNATURE-----\n" "Version: PGPfreeware 6.5.8 for non-commercial use\n" "\n" "iQA/AwUBP8461jMX0745gR7AEQIEOwCg011GbufXO3ED3FkLWXmfzg7xm1cAoJD0\n" "0EU3Kd2EKNCqataEqM5qjpPs\n" "=LchZ\n" "-----END PGP SIGNATURE-----\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):657 msgid "" "Messages this way are no good in today's world, where we have nice GUIs and " "email readers that understand html." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):662 msgid "" "To solve this an addition to the MIME (Multipurpose Internet Mail " "Extensions) was created. This adds a field to the email that tells the mail " "reader that the full content of the message is signed and/or encrypted. The " "problem with this is that not all mail readers support this. And some even " "mess up the content; Microsoft's Outlook is famous for not working with this." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):673 msgid "Kgpg" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):676 msgid "" "Kgpg is a nice GUI for GnuPG. In the main screen you can paste the text that " "you wish to sign or encrypt, and you can also paste the ASCII armored text " "that you which to decrypt." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(figure:link):682 msgid "/images/kgpg1.png" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(figure:short):682 msgid "kgpg main window" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):684 msgid "" "In this image you can see the Kgpg main window with ASCII armored and " "encrypted text pasted into it. From here you can decrypt it (you will have " "to provide your password), encrypt other files, paste new text to sign...." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(figure:link):690 msgid "/images/kgpg2.png" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(figure:short):690 msgid "kgpg key manage window" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):692 msgid "" "Now you can see the key managing window. From here we see our good key for " "John Doe. The two trusted keys for Gustavo and Luis, and the untrusted key " "for Daniel Robbins (I still have not given him a call to check his " "fingerprint :))." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):701 msgid "Seahorse" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):704 msgid "" "Seahorse aims to be a GnuPG GUI interface for the Gnome desktop. The " "software has been evolving fast, but it still lacks many important features " "that can be found in Kgpg or the command line version." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):713 msgid "Enigmail" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):716 msgid "" "Enigmail is a plug-in for Mozilla-based email clients (such as Thunderbird " "and Seamonkey) that is pretty simple to configure. In Seamonkey, you just go " "to Preferences -> Privacy & Security -> Enigmail. There you enter " "your key email and that's it. You must first emerge enigmail to use " "it with Thunderbird. Then you can configure it by going to Edit -> " "Account Settings -> OpenPGP Security." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):725 msgid "" "Mails that come with an untrusted pgp or gpg signature will be marked with a " "broken pen. Others that have good signatures will appear with a nice " "straight pen. Enigmail even comes with the ability to get keys from " "keyservers, but if it has problems it will print some very weird messages " "(but you still remember how to use the command line, right?)." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):736 msgid "KMail" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):739 msgid "" "If you have the crypt USE flag set, KMail will be compiled with gpg " "support, and will be able to encrypt and decrypt inline PGP mails " "automatically as well as encrypting OpenPGP/MIME mails. If you want to " "decrypt OpenPGP/MIME mails as well (which you probably want) you need to " "have a running GPG agent (see Using a GPG Agent)." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):747 msgid "" "You can verify if KMail is properly configured by going to Settings, " "Configure KMail, Security, Crypto Backends. You should " "see a GpgME-based backend listed and you should be able to fill the OpenPGP " "checkbox. If it is listed but grayed out, click on Rescan. If the " "GpgME-based backend remains grayed out, KMail is not working properly." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):755 msgid "" "If you still are unable to get KMail to behave, please see the KMail PGP HowTo page " "for more information." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):764 msgid "Claws-Mail" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):767 msgid "" "This mail reader is very fast with big mailboxes, has all the nice " "features one wants in mail readers and works pretty well with gpg. The only " "problem is that it does not work with the old PGP signatures, so when you " "receive those kind of mails you have to hand check the signatures." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):774 msgid "" "To use your gpg key with Claws-Mail just go to the account configuration and " "select the privacy tab. Once there just choose which key to use, probably " "most users will go with the default key." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):785 msgid "Public Key Cryptography" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):787 msgid "Basic Public Key Cryptography" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):790 msgid "" "The concept of public key cryptography was originally devised by Whitfield " "Diffie and Martin Hellman in 1976. When I first heard the words \"public key" "\" and \"cryptography\" in the same sentence back in '93 I thought to myself " "that it would be impossible to do such a thing. In those days there was no " "Internet (well there was, but not for me) so I went to the public library " "and asked for books on Cryptography. I must say that I was 16 at the time so " "the clerk there looked to me in astonishment and brought me a book for " "children on substitution cyphers (those where you change a letter for " "another like the famous Caesar Cypher or ROT-13 (Tragbb Ebpxf, naq lbh xabj " "vg vf tbbq orpnhfr lbh ner ernqvat guvf qbp.), (emerge rotix if you " "cannot read the preceding text)). I was very upset with this and started to " "search for more info. It is good to have mathematicians in the family, " "because as soon as I talked to one of them I was introduced to a new world." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):806 msgid "And now a bit of mathematics:" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre:caption):810 msgid "Mathematical Concepts" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(pre):810 #, no-wrap msgid "" "\n" "Definitions:\n" "\n" "1- A prime number is a positive integer number greater than one that is only\n" "divisible by 1 and itself (the remainder of the division is 0).\n" "The first 8 prime numbers are 2,3,5,7,11,13,17,19\n" "\n" "Theorem (No proof here)\n" "1- For any non prime positive integer it is possible to break it as the product\n" "of prime numbers, and that product is unique.\n" "4=2*2\n" "6=2*3\n" "8=2*4=2*2*2\n" "10=2*5\n" "12=2*6=2*2*3\n" "\n" "\"Facts\":\n" "1- It is mathematically easy to multiply two large integers\n" "2- It is hard to find the prime factors of a given positive integer.\n" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):831 msgid "" "If I give you the number 35 and I tell you that this number is the product " "of two prime numbers it is easy to find that it was 5 and 7. But if I tell " "you the same for 1588522601 you will spend alot of time (or CPU cycles) to " "find it was 49811*31891. And if this number is really really big this task " "becomes \"impossible\". So now if I give the world my large number that is " "the product of two primes I know something about that number that no one " "else knows." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):840 msgid "" "This is the basis for Public Key Cryptography (PKC) implementations today. " "As an (unrealistic) example, I give anyone my number and that someone will " "use if for cyphering a message to me. Anyone can see the cyphered message, " "because I am the only one who knows a shortcut to read it, anyone else will " "first have to \"split\" that big number to be able to read the message, and " "it is a \"fact\" that it is impossible to do that in a short amount of time " "(todays methods and the fastest computers in the world would take thousands " "of years to do that). In this setup the two large prime numbers would be " "called the PRIVATE KEY, and the large non prime number is the PUBLIC KEY." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):852 msgid "" "In practice this is not 100% accurate with reality, but will give a good " "idea to the newcomer. For more information, check Wikipedia on the Diffie-Hellman " "protocol. For even more info go to the public library and grab a copy of the " "\"Handbook of Applied " "Cryptography\" by Alfred J. Menezes, Paul C. van Oorschot and Scott A. " "Vanstone. This book is also available online for free at the above site." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):862 msgid "" "One consequence of the above is that if you cypher a message to me, and you " "loose the original uncyphered message you will no longer be able to retrieve " "it from the cyphered version." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):871 msgid "Signatures" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):874 msgid "" "We already saw how someone can send us a cyphered message if they have our " "public key. But how do we know that the author of the message is really who " "he claims to be? Or in other words: If I receive an email from you how do I " "really know it was you and not someone else claiming to be you?" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):881 msgid "" "Remember me saying that PKC was not as simple as I had said? The idea is " "that when you cypher a message to me you sign it with your private key so " "that, when I receive it, I can first use your public key to check your " "signature and then use my private key to decypher the message. As you can " "see we could not do that in the setup I described before." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):889 msgid "" "It's also very important to sign messages so that you don't have to cypher " "them beforehand. Now you can create messages that can be read by anyone, but " "that come with your \"branding\". And if any single character is changed in " "the message it can (and will) be detected." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):899 msgid "Key Servers and Signed Keys" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):902 msgid "" "But let's say that I have no previous contact with you until you send me a " "message: how do I get your public key, and how do I really know it is yours?" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):907 msgid "" "To solve this problem public Key Servers were created. When you create your " "key pair (Public and Private key), you send your public key to the key " "server. After this everyone can retrieve your key from there. This solves " "the problem of finding the key. But how do I really know that that key is " "the author's key? For this another concept must be introduced, and that is " "key signing:" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):915 msgid "" "Key signing means that if I have the public key of another person, and I " "know for sure that it is really that persons key (it is my personal " "friend, someone I know in real life, etc.) I can sign that public key and " "send it to keyservers, that way I am telling the world: \"This key really " "belongs to the person it claims to belong.\". That way persons that have my " "public key and trust me can use that trust to trust other keys." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):924 msgid "This can sometimes be confusing so let's see a real world situation." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):928 msgid "" "Let's imagine a 3 person situation: John, Mary, and Lisa. John is a good " "friend of Mary but does not know Lisa; Lisa is a good friend of Mary but " "does not know John. One day Lisa sends John a signed email. John will fetch " "Lisa's Public Key from the keyserver and test the message, if all went ok he " "will see that whoever wrote that message also created that key. But how do I " "know it was really the person it claims to be?" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):937 msgid "" "He then sees that it is signed by Mary, which he can check because he " "already has Mary's key and he trusts that key. With this ring of trust he " "continues to conclude that the email he received was really written by Lisa." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):943 msgid "" "You are now ready to use this guide, you can go back to chapter 1 and learn " "how to use gpg." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):953 msgid "Final thoughts and Credits" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):955 msgid "Some problems" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):958 msgid "" "I had some problems with photos in keys. Check the version you are using. If " "you have GnuPG 1.2.1-r1 and up you are probably OK, older versions may have " "problems. Also most keyservers don't like keys with photos, so you are " "better if you don't add photos." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):965 msgid "" "The latest versions of gnupg don't seem to work with the gpg --send-keys that was used so send all keys in your keyring to the public server." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):974 msgid "What is not here" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):977 msgid "" "gpg is a very complex tool, it lets you do much more than what I have " "covered here. This document is for the user who is new to GnuPG. For more " "information, you should check the GnuPG " "Website." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):984 msgid "" "I did not write about other tools like pgp4pine, gpgpine, " "evolution and maybe Windows tools, but I will probably extend this " "document in the future." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(title):993 msgid "Credits" msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):996 msgid "" "John Michael Ashley's GnuPG Handbook it is a very good book for beginners." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):1001 msgid "Swift (Sven Vermeulen) for pushing me to re-write this." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):1005 msgid "Everyone in the #gentoo-doc team you guys rock." msgstr "" #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(p):1009 msgid "Tiago Serra for getting me back to the privacy track." msgstr "" #. Place here names of translator, one per line. Format should be NAME; ROLE; E-MAIL #: ../../gentoo/xml/htdocs/doc/en//gnupg-user.xml(None):0 msgid "translator-credits" msgstr ""