Category Archives: Useful Utilities

Very useful utilities that I have stumbled on.

Quick and dirty introduction to GnuPG (GPG) on Linux

It’s a few simple steps to create GPG encryption keys and use these for signing and encrypting files and emails.

GPG Key Creation

  1. Create a new pair of public/private cryptographic keys:
    user@yourhost:~$ gpg --gen-key

    follow the prompts use the defaults if unsure, Enter your name and email address.
  2. List keys
    tom@tomsalmon:~$ gpg --list-keys

    pub 1024D/C96ACE6A 2010-03-30 [expires: 2015-03-29]
    uid      Tom Salmon <tom@tomsalmon.com>
    sub 4096g/2BEF6E4A 2010-03-30 [expires: 2015-03-29]

  3. Upload the Public Key to one of the Key servers
    gpg --keyserver hkp://keys.gnupg.net --send-keys C96ACE6A
    The key ID is retrieved using the above list keys function.
  4. Export the Public Key in ASCII
    tom@tomsalmon:~$ gpg --export -a C96ACE6A
    Sample output
  5. Import a Public Key in ASCII format
    gpg --import < key.asc
    gpg --edit-key C96ACE6A
    … run the commands: 'trust', 'sign', 'save', 'quit'

GPG with Email

  • Mutt comes with built-in GPG support and integrates perfectly with the system's GPG setup

File Encryption

  • Encrypting
    gpg -r your@emailaddress.org -e intheclear.txt
    Creates a new file intheclear.txt.gpg which is encrypted with your public key. Only your private key can decrypt this file.
  • Decrypting
    gpg [-d] secret.txt.gpg
    (requires that you enter your passphrase) creates the unencrypted file 'secret.txt', if the '-d' flag is used the unencrypted data is displayed on the command line

You may encrypt files for other people if you have imported their Public Key. Only their Private Key will be able to decrypt the file.

Key Signing

  1. Search the Keyserver:
    gpg --keyserver hkp://keys.gnupg.net --search-keys tom@tomsalmon.com
    … select the most recent key that matches, find the Key ID
    To make life easier, add the following line to your .bashrc file:
    alias gpgsearch='gpg --keyserver hkp://keys.gnupg.net --search-keys'
    restart your shell, and run 'gpgsearch user@example.com'
  2. Verify the Key fingerprint with its owner (manually, in person)
    gpg --fingerprint KEY_ID
  3. Set the trust level and sign the key
    gpg --edit-key KEY_ID
    … run the commands: 'trust', 'sign', 'save', 'quit'
  4. Upload the signed key to the keyserver
    gpg --keyserver hkp://keys.gnupg.net --send-keys KEY_ID

Checking signatures on new keys

  1. Search the keyserver and download the matching key
  2. Check to see if the key has been signed by any trusted keys
    gpg --check-sigs KEY_ID
  3. Based on this result, you can determine if the key belongs to the user

View ‘dd’ progress

When reading/writing a disk image using Linux tool ‘dd’ launch as follows:
dd if=/dev/sdb of=filename.img & pid=$!
this will run ‘dd’ in the background.

To see the progress:
kill -USR1 $pid
(it will not kill the dd)

Notes:

  1. If you are doing it as a non-root user you’ll need to prefix those commands with sudo
  2. If you do that do ‘sudo ls‘ first, otherwise the ‘sudo dd‘ will fail waiting on the password which it’ll never get as its backgrounded.

Thanks to Cian.

Checkinstall – easy way to build RPM and Deb packages

Thanks to the kind people in #asterisk (irc.freenode.net) I found: Checkinstall

This is a very quick and easy was to make your own RPM and Deb packages. When compiling your package, instead of running “make install” run: “checkinstall”

To build for most distributions, the configure script should be executed with the following options:
./configure –prefix=/usr –sysconfdir=/etc
so that executables, libraries and configuration files are installed to the expected locations.