Each time you add or remove identities from your key, you should upload it to the key server again (see below). When you are finished close the Key Inspector window. This is useful if one of your email addresses is known to others more than the others. You also have the option to set a primary email address. Click Generate user ID when you are ready to add this new identity to your key pair. You will be asked to enter the name and email address of the new identity. To add an additional email address/identity click on the + under the first box that lists Name, Email and Comment. Using the same window as you did for changing setting the trust level of your key, click on the User IDs tab. You can add additional identities very easily. You don’t have to have a separate key for each email address or identity you want to use the key for. Adding additional identities (email addresses) to your key It’s your key, so you can choose the Ultimate trust option.
You can use this window to change the properties of your keys including adding additional User IDs (see below).Īt the bottom of this window you will see Ownertust. Then go to Key > Show Info.Ī Key Inspector window opens as shown below. To set the level of your key (or any key for that matter). You created the key so presumably you trust it is yours. You should set the trust level of your own key at this point. You can set how much you trust each key as a property of that key. If you don’t trust that the keys are from the people they say they are from then there is no real point in using encryption at all. The whole encryption key idea works on the basis that you trust that the keys of the people you keep on your system are genuinely from those people. To create the certificate go to Key > Generate Revoke Certificate and choose some where to save it. You should keep this safe separately from your key pair so that if you lose your private key you can revoke it so that people know not to use it. We recommend you generate a revocation certificate at this point. Once you key is generated you will be taken back to the main keychain window (below). When you click OK you will be asked to confirm the passphrase (to make sure you typed it correctly). This passphrase along with keeping the private part of your key pair safe is what is going to protect your encrypted and signed emails.
#Gpg suite mac safe password
The reason you are asked for a passphrase rather than a password is to suggest to you that something longer than a single word password would be desirable. When you click Generate Key you will be asked to enter a passphrase. We recommend you upload your key later to give you chance to try it out first to make sure it meets your needs. We suggest you accept the default options for your key pair, but if you want to look at the Advanced options you will see a screen like the one below.Įxcept for the key length which cannot be changed after the key pair is generated, you can change all of the other options at a later time. The public key is used to encrypt messages to you, and the private key is used by you to decrypt those messages.Īs the installation completes the GPG Keychain Access program will launch and prompt you to create your key pair. It is a pair because there is a private key that you keep safe and never give to anyone else, and a public key you can give to others and upload to a key server so others can find it. It is probably worth reminding ourselves what we are about to do.
0 kommentar(er)
