seahorse r2402 - in seahorse-plugins/trunk: . help/C
- From: sadam svn gnome org
- To: svn-commits-list gnome org
- Subject: seahorse r2402 - in seahorse-plugins/trunk: . help/C
- Date: Wed, 27 Aug 2008 18:42:59 +0000 (UTC)
Author: sadam
Date: Wed Aug 27 18:42:59 2008
New Revision: 2402
URL: http://svn.gnome.org/viewvc/seahorse?rev=2402&view=rev
Log:
2008-08-27 Adam Schreiber <sadam clemson edu>
* help/C/seahorse-plugins.xml: Updated manual to be in sync with
only
having preferences and plugins
Modified:
seahorse-plugins/trunk/ChangeLog
seahorse-plugins/trunk/help/C/seahorse-plugins.xml
Modified: seahorse-plugins/trunk/help/C/seahorse-plugins.xml
==============================================================================
--- seahorse-plugins/trunk/help/C/seahorse-plugins.xml (original)
+++ seahorse-plugins/trunk/help/C/seahorse-plugins.xml Wed Aug 27 18:42:59 2008
@@ -2,12 +2,12 @@
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
"http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd"; [
<!ENTITY legal SYSTEM "legal.xml">
- <!ENTITY appversion "0.9.9">
+ <!ENTITY appversion "2.24.x">
<!ENTITY manrevision "3.1">
<!ENTITY date "July 2005">
- <!ENTITY app "Passwords and Encryption Keys">
+ <!ENTITY app "Encryption and Keyrings">
<!ENTITY daemon "<application>seahorse-daemon</application>">
- <!ENTITY project "Seahorse Plugins">
+ <!ENTITY project "Seahorse Project">
<!ENTITY key "<glossterm>key</glossterm>">
<!ENTITY website "http://www.gnome.org/projects/seahorse/";>
]>
@@ -51,7 +51,17 @@
<publishername>Seahorse Project</publishername>
</publisher>
<revhistory>
- <revision>
+ <revision>
+ <revnumber>&app; Manual V0.10.0</revnumber>
+ <date>August 2008</date>
+ <revdescription>
+ <para role="author">
+ Adam Schreiber
+ <email>sadam clemson edu</email>
+ </para>
+ </revdescription>
+ </revision>
+ <revision>
<revnumber>&app; Manual V0.9.1</revnumber>
<date>November 2006</date>
<revdescription>
@@ -95,7 +105,8 @@
<abstract role="description">
<para>
- <application>&app;</application> is the application for managing encryption keys for the GNOME Desktop
+ <application>&app;</application> is the application for managing your primary encryption key and how
+ the passphrase for your key is stored after performing an encryption operation.
</para>
</abstract>
@@ -113,1205 +124,28 @@
<primary>Encryption Keys</primary>
</indexterm>
- <sect1 id="introduction">
- <title>Introduction</title>
- <para>
- You can use <application>&app;</application> to create and manage <acronym>PGP</acronym> and <acronym>SSH</acronym> keys.
- </para>
- <para>
- <application>&app;</application> provides a front end to many of the features of
- <ulink url="http://www.gnupg.org"; type="http">Gnu Privacy Guard (GPG)</ulink> and
- integrates with multiple components of the <ulink url="http://www.gnome.org";>GNOME</ulink> desktop.
- </para>
- <para>
- Features of <application>&app;</application> include:
- <itemizedlist>
- <listitem>
- <para>
- A drop-in replacement for <application>gpg-agent</application>
- </para>
- </listitem>
- <listitem>
- <para>
- A DNS-SD HKP &key; server
- </para>
- </listitem>
- <listitem>
- <para>
- Plugins for <application><ulink url="ghelp:gedit" type="help">Gedit</ulink></application>, <application><ulink url="ghelp:user-guide?nautilus">Nautilus</ulink></application>
- and <application><ulink url="ghelp:epiphany">Epiphany</ulink></application>
- </para>
- </listitem>
- <listitem>
- <para>
- A panel applet for encrypting text on the clipboard
- </para>
- </listitem>
- </itemizedlist>
- </para>
- <para>
- With <application>&app;</application> you can:
- <itemizedlist>
-
- <listitem>
- <para>Create and manage PGP and SSH keys,</para>
- </listitem>
- <listitem>
- <para>Export and import PGP and SSH keys,</para>
- </listitem>
- <listitem>
- <para>Share your keys with others,</para>
- </listitem>
+ <sect1 id="introduction">
+ <title>Introduction</title>
+ <para>
+ You can use <application>&app;</application> to select your primary encryption key and how the
+ passphrase for your key is stored after performing an encryption operation.
+ </para>
+ <para>
+ Additionally, this manual contains information pertaining to encryption plugins provided for:
+ <itemizedlist>
<listitem>
- <para>Backup your keys and keyring,</para>
+ <para><application><ulink url="ghelp:gedit" type="help">Gedit Text Editor</ulink></application></para>
</listitem>
<listitem>
- <para>Cache your passphrase so you don't have to keep typing it,</para>
+ <para><application><ulink url="ghelp:user-guide?nautilus">Nautilus File Manager</ulink></application></para>
</listitem>
<listitem>
- <para>Encrypt and decrypt the clipboard.</para>
+ <para><application><ulink url="ghelp:user-guide?epiphany-browser">Epiphany Web Browser</ulink></application></para>
</listitem>
- </itemizedlist>
- </para>
- </sect1>
-
- <sect1 id="seahorse-getting-started">
- <title>Getting Started</title>
- <sect2 id="seahorse-start">
- <title>Starting <application>&app;</application></title>
- <para>
- You can start <application>&app;</application>
- in the following ways:
- </para>
- <variablelist>
- <varlistentry>
- <term><guimenu>Applications</guimenu> menu</term>
- <listitem>
- <para>Choose
- <menuchoice>
- <guimenu>Other</guimenu>
- <guimenuitem>Password and Encryption Keys</guimenuitem>
- </menuchoice>.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Command Line</term>
- <listitem>
- <para>
- Type <command>seahorse</command> then press <keycap>Return</keycap>.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </sect2>
-
- <sect2 id="seahorse-when-start">
- <title>When You Start <application>&app;</application></title>
- <para>
- When you start <application>&app;</application>, the <guilabel>Password and Encryption Keys</guilabel>
- window is displayed.
- </para>
-
- <figure id="seahorse-window">
- <title>The <application>&app;</application> Window</title>
- <screenshot>
- <mediaobject>
- <imageobject>
- <imagedata fileref="figures/seahorse-window.png" format="PNG"></imagedata>
- </imageobject>
- <textobject>
- <phrase>
- Show the <application>&app;</application> window.
- </phrase>
- </textobject>
- </mediaobject>
- </screenshot>
- </figure>
-
- <para>
- The <application>&app;</application> window contains the following elements:
- </para>
-
- <variablelist>
- <varlistentry><term>Menubar</term>
- <listitem>
- <para>The menus on the menubar contain all of the commands that you need to perform tasks in <application>&app;</application>.</para>
- </listitem>
- </varlistentry>
- <varlistentry><term>Toolbar</term>
- <listitem>
- <para>Use the toolbar to quickly access commonly-used commands.</para>
- </listitem>
- </varlistentry>
- <varlistentry><term>Keys and Passwords Tabs</term>
- <listitem>
- <para>Provides access to the keys and passwords in the keyring.</para>
- </listitem>
- </varlistentry>
- <varlistentry><term>First time options</term>
- <listitem>
- <para>Provides fast access to useful actions for first time users. From here you can:</para>
- <itemizedlist>
- <listitem>
- <para>Browse the help system,</para>
- </listitem>
- <listitem>
- <para>Import keys in the keyring,</para>
- </listitem>
- <listitem>
- <para>Create new keys.</para>
- </listitem>
</itemizedlist>
- </listitem>
- </varlistentry>
- </variablelist>
- </sect2>
+ </para>
</sect1>
- <sect1 id="pgp-generate">
- <title>Creating OpenPGP Keys</title>
- <para>
- OpenPGP is a non proprietary protocol for encrypting e-mail with the use of public key
- cryptography based on <acronym>PGP</acronym>. It defines standard formats for encrypted messages, signatures, private keys
- and certificates for exchanging public keys.
- </para>
- <para>
- Public key cryptography is a concept which involves the use of two keys:
- a <emphasis>public key</emphasis>, that you can give to anyone with whom
- you would like to communicate, and a <emphasis>private key</emphasis> which is
- private and must be kept secret.
- </para>
- <para>
- To create OpenPGP keys:
- <orderedlist>
- <listitem>
- <para>
- Choose <menuchoice><guimenu>Key</guimenu><guimenuitem>Create New Key</guimenuitem></menuchoice>
- </para>
- </listitem>
- <listitem>
- <para>
- Select <guilabel>PGP Key</guilabel> and click <guibutton>Continue</guibutton>
- </para>
- </listitem>
- <listitem>
- <para>
- Enter your full name (first - last), your e-mail address and any additional information.
- You can also specify advanced options for the key: see below.
- </para>
- </listitem>
- <listitem>
- <para>
- Click <guibutton>Create</guibutton> to create the new key pair.
- </para>
- </listitem>
- <listitem>
- <para>
- The <guilabel>Passphrase for New PGP Key</guilabel> dialog will open.
- Enter the passphrase twice for your new key.
- </para>
- </listitem>
- </orderedlist>
- </para>
- <tip>
- <para>
- Use similar practices to generating a strong password when choosing a
- passphrase. The main difference between a password and a passphrase is that,
- in a passphrase, spaces are valid characters.
- </para>
- </tip>
-
- <sect2 id="seahorse-pgp-advanced-mode">
- <title>Advanced options</title>
- <para>
- Expand the <guibutton>Advanced key options</guibutton>
- section to specify the following options for a new key:
- </para>
- <variablelist>
- <varlistentry>
- <term><guilabel>Encryption Type</guilabel></term>
- <listitem>
- <para>
- This field specifies the encryption algorithms used
- to generate your keys.
- </para>
- <variablelist>
- <varlistentry>
- <term><acronym>DSA</acronym> ElGamal</term>
- <listitem>
- <para>
- This is the suggested choice as it will allow
- you to encrypt, decrypt, sign and verify as needed.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><acronym>DSA</acronym></term>
- <listitem>
- <para>
- Will allow signing only.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><acronym>RSA</acronym></term>
- <listitem>
- <para>
- Will allow signing only.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Key Strength (bits)</guilabel></term>
- <listitem>
- <para>
- This is the length of the key in bits. The longer the key,
- the more secure it will be, provided a strong passphrase is
- used. Conversely, performing any operation with a longer key
- will require more time than it would with a shorter key. Acceptable
- values are between 1024 and 4096 bits. At least 2048 bits is recommended.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Expiration Date</guilabel></term>
- <listitem>
- <para>
- This is the date at which the key will cease to be usable for
- performing encryption or signing operations. 6 months is a reasonable time
- to set it to. You will have to either change the
- expiration date or generate a new key or subkey after this amount
- of time passes.
- <note>
- <para>
- Sign your new key with your old one before it expires
- to preserve your trust status.
- </para>
- </note>
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </sect2>
- </sect1>
-
-
- <sect1 id="ssh-generate">
- <title>Creating Secure Shell Keys</title>
- <para>
- Secure Shell (<acronym>SSH</acronym>) is a way of logging into a remote computer to execute commands
- on that machine.
- SSH keys are used in key-based authentication system, as an alternative to the default password
- authentication system.
- With key-based authentication there is no need to manually type a password to authenticate.
- </para>
- <para>
- Secure Shell keys are made of two keys: a <emphasis>private key</emphasis>, that must be kept secret,
- and a <emphasis>public key</emphasis> which can be uploaded to any computer you need to access.
- </para>
- <para>
- To create a Secure Shell key:
- </para>
- <orderedlist>
- <listitem>
- <para>Choose <menuchoice><guimenu>Key</guimenu><guimenuitem>Create New Key</guimenuitem></menuchoice></para>
- </listitem>
- <listitem>
- <para>Select <guilabel>Secure Shell Key</guilabel> and click <guibutton>Continue</guibutton></para>
- </listitem>
- <listitem>
- <para>Enter a description of what the key is to be used for. You can use your e-mail address or any other reminder. You can also specify advanced options for the key: see below.</para>
- </listitem>
- <listitem>
- <para>Click <guibutton>Just Create Key</guibutton> to
- create the new key, or <guibutton>Create and Set Up</guibutton>
- to create the key and set up another computer to use it for authentication.</para>
- </listitem>
- <listitem>
- <para>The <guilabel>Passphrase for New Secure Shell Key</guilabel>
- dialog opens.
- Enter the passphrase twice for your new key.
- </para>
- <tip>
- <para>
- Use similar practices to generating a
- strong password when choosing a
- passphrase. The main difference between a
- password and a passphrase is that, in a
- passphrase, spaces are valid characters.
- </para>
- </tip>
- </listitem>
- </orderedlist>
-
-
-
- <sect2 id="seahorse-ssh-advanced-options">
- <title>Advanced options</title>
- <para>
- Expand the <guilabel>Advanced key options</guilabel> section to specify the following options for a new key:
- </para>
-
- <variablelist>
- <varlistentry>
- <term><guilabel>Encryption Type</guilabel></term>
- <listitem>
- <para>
- This field specifies the encryption
- algorithms used to generate your key.
- </para>
- <variablelist>
- <varlistentry>
- <term><acronym>RSA</acronym></term>
- <listitem>
- <para>
- Use the <emphasis>Rivest-ShamirAdleman</emphasis>
- (<acronym>RSA</acronym>) algorithm to create the SSH key.
- This is the preferred and more secure choice.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><acronym>DSA</acronym></term>
- <listitem>
- <para>
- Use the <emphasis>Digital Signature Algorithm</emphasis>
- (<acronym>DSA</acronym>) to create the SSH key.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Key Strength (bits)</guilabel></term>
- <listitem>
- <para>
- This is the length of the key in bits.
- The longer the key, the more secure it
- will be, provided a strong passphrase is
- used. Conversely, performing any
- operation with a longer key will require
- more time than it would with a shorter
- key. Acceptable values are between 1024
- and 4096 bits. At least 2048 bits is recommended.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </sect2>
- </sect1>
-
-
-
- <sect1 id="seahorse-key-properties">
- <title>OpenPGP Key Properties</title>
- <para>
- The descriptions in this section apply to all OpenPGP keys.
- </para>
-
- <para>
- To view properties of a <acronym>PGP</acronym> key:
- <itemizedlist>
- <listitem>
- <para>
- Select the <acronym>PGP</acronym> key
- from the main window,
- </para>
- </listitem>
- <listitem>
- <para>
- Double click on it or choose <guilabel>Properties</guilabel>
- from the toolbar,
- </para>
- </listitem>
- <listitem>
- <para>
- Select the <guilabel>Details</guilabel> tab.
- </para>
- </listitem>
- </itemizedlist>
- </para>
-
- <sect2 id="pgp-public-key-properties">
- <title id="pgp-private-key-properties">Properties</title>
- <para>
- <variablelist>
- <varlistentry>
- <term><guilabel>Fingerprint</guilabel></term>
- <listitem>
- <para>The fingerprint is a unique string of characters that exactly identifies a key.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>KeyID</guilabel></term>
- <listitem>
- <para>
- The KeyID is similar to the Fingerprint. However the KeyID only contains the last 8
- characters of the fingerprint. Most of the time it is possible to identify a key with
- only the KeyID, but occasionally two keys may have the same ID.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Type</guilabel></term>
- <listitem>
- <para>
- Specifies the encryption algorithm used to generate a key. DSA keys can only sign.
- ElGamal keys are used to encrypt.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Created</guilabel></term>
- <listitem>
- <para>
- Indicates the date the key was created.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Expires</guilabel></term>
- <listitem>
- <para>
- Indicates the date the key can no longer be used.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Strength</guilabel></term>
- <listitem>
- <para>
- Indicates the length in bits of a key. In general the longer the key, the more security it
- provides.
- <note>
- <para>
- A long key is not enough to make up for the use of a weak passphrase.
- </para>
- </note>
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </para>
- </sect2>
-
- <sect2 id="change-owner-trust">
- <title>Trust</title>
- <para>
- Trust is an indication of how sure you are of a person's ability to correctly extend
- the web of trust. When you are faced with a key you have not signed, the validity of
- that person's key will be determined based on the signatures they have collected and
- how well or not you trust the people who have made those signatures. By default, an
- unknown key will require 3 signatures with marginal trust value or 1 fully trusted signature.
- </para>
- <itemizedlist>
- <listitem><para>
- <guilabel>Unknown</guilabel>: You are not familiar with the person's ability to sign keys correctly.
- </para></listitem>
- <listitem><para>
- <guilabel>Never</guilabel>: This person cannot correctly sign keys.
- </para></listitem>
- <listitem><para>
- <guilabel>Marginal</guilabel>: This person checks for photo ID before signing a key, but
- does not necessarily scrutinize the IDs.
- </para></listitem>
- <listitem><para>
- <guilabel>Full</guilabel>: This person scrutinizes each and every person's photo IDs before
- signing them (e.g. they only sign keys that truely belong to the person asking for the signature).
- </para></listitem>
- <listitem><para>
- <guilabel>Ultimate</guilabel>: This level of trust should only be assigned to your own keys.
- </para></listitem>
- </itemizedlist>
- </sect2>
-
- <sect2 id="disable-key">
- <title>Enabling and Disabling Keys</title>
- <para>
- When a key is enabled, it can be used to perform encryption operations.
- When a key is disabled, it cannot be used to encrypt to or verify signatures made by it.
- </para>
- </sect2>
-
- <sect2 id="change-expires">
- <title>Expiration Date</title>
- <para>
- A key can no longer be used to perform key operations after it has expired. Changing a
- key's expiration date to a point in the future re-enables it. A good general practice
- would be to have a master key that never expires and multiple subkeys that do and are
- signed by the master key.
- </para>
- </sect2>
-
- <sect2 id="userid-properties">
- <title>User IDs</title>
- <para>
- User IDs allow multiple identities and email addresses to
- be used with the same key.
- </para>
- <para>
- They usually take the form of:
- <programlisting>Name (comment) <email address></programlisting>
- </para>
-
- <sect3 id="add-uid">
- <title>Adding a User ID</title>
- <para>
- Adding a user ID is useful when you want to have
- an identity for your job and one for your friends.
- </para>
- <para>
- To add a user ID to a key:
- <itemizedlist>
- <listitem>
- <para>
- Select the key from the main window,
- </para>
- </listitem>
- <listitem>
- <para>
- Double click on it or choose <guibutton>Properties</guibutton> from the toolbar,
- </para>
- </listitem>
- <listitem>
- <para>
- Select the <guilabel>Names and Signatures</guilabel> tab,
- </para>
- </listitem>
- <listitem>
- <para>
- Click on <guibutton>Add Name</guibutton>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- <para>
- After following the instructions above, you will be presented with a
- dialog to fill in. The fields are detailed below.
- </para>
- <variablelist>
- <varlistentry>
- <term><guilabel>Full Name</guilabel></term>
- <listitem>
- <para>
- Enter your full name in the form
- <programlisting><first> <last></programlisting>
- A middle name or initial is optional.
- </para>
- <para>
- <note>
- <para>
- You must enter at least 5 characters in this field.
- </para>
- </note>
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Email Address</guilabel></term>
- <listitem>
- <para>
- Your email address is how most
- people will locate your key on a
- key server or other key provider.
- Make sure it is correct before
- continuing.
- </para>
- <para>
- <note>
- <para>
- It should be of the form
- <programlisting><replaceable><username></replaceable>@<replaceable><domainname></replaceable></programlisting>
- </para>
- </note>
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Key Comment</guilabel></term>
- <listitem>
- <para>
- The comment field can be used to
- place any additional information
- into the displayed name of your new
- ID. This information can be
- searched for on key servers.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </sect3>
- </sect2>
-
- <sect2 id="photoid-properties">
- <title>Photo IDs</title>
- <para>
- Photo IDs allow a key owner to embed one or more pictures of themselves in a key.
- These identities can be signed just like normal user IDs. A photo ID must be in JPEG
- format and is recommended to be no larger than 240x288 pixels.</para>
- <para>
- If the chosen image is not of the required file type or size <application>&app;</application>
- can resize and convert it on the fly from
- any image format supported by the <acronym>GDK</acronym> library.
- </para>
- </sect2>
-
- <sect2 id="change-passphrase">
- <title>Changing the Passphrase</title>
- <para>
- To change the passphrase assigned to a key:
- <itemizedlist>
- <listitem>
- <para>
- Select the key from the main window,
- </para>
- </listitem>
- <listitem>
- <para>
- Double click on it or choose <guilabel>Properties</guilabel> from the toolbar,
- </para>
- </listitem>
- <listitem>
- <para>
- Click on <guibutton>Change Passphrase</guibutton>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- <para>
- Enter the new passphrase and click <guibutton>OK</guibutton>.
- </para>
- </sect2>
-
- <sect2 id="delete">
- <title>Deleting a Key</title>
- <para>
- To delete a key from your keyring:
- <itemizedlist>
- <listitem>
- <para>
- Select the key from the main window,
- </para>
- </listitem>
- <listitem>
- <para>
- Right click on it and choose <guilabel>Delete Key</guilabel>
- or choose
- <menuchoice>
- <guimenu>Edit</guimenu>
- <guimenuitem>Delete Key</guimenuitem>
- </menuchoice>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- <note>
- <para>
- You can delete your keys, trusted keys and collected keys.
- </para>
- </note>
- </sect2>
- </sect1>
-
- <sect1 id="subkey-properties">
- <title>OpenPGP Subkey Properties</title>
- <para>
- Each OpenPGP key has a single master key used
- to sign only. Subkeys are used to encrypt and
- to sign as well. In this way, if your sub key is
- compromised, you don't need to revoke your master key.
- </para>
- <variablelist>
- <varlistentry>
- <term><guilabel>ID</guilabel></term>
- <listitem>
- <para>
- This is the identifier of the subkey.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Type</guilabel></term>
- <listitem>
- <para>
- Specifies the encryption algorithm used to generate a subkey.
- <acronym>DSA</acronym> keys can only sign, ElGamal
- keys are used to encrypt while <acronym>RSA</acronym> keys are
- used to sign or to encrypt.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Created</guilabel></term>
- <listitem>
- <para>
- Indicates the date the key was created.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Expires</guilabel></term>
- <listitem>
- <para>
- Indicates the date the key can no longer be used.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Status</guilabel></term>
- <listitem>
- <para>
- Indicates the status of the key.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Strength</guilabel></term>
- <listitem>
- <para>
- Indicates the length in bits of the key. In general the longer the key, the more security it
- provides.
- <note>
- <para>
- A long key is not enough to make up for the use of a weak passphrase.
- </para>
- </note>
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
-
- <sect2 id="add-subkey">
- <title>Adding a Subkey</title>
- <para>
- To add a subkey to a key, from the <guilabel>Subkeys</guilabel>
- section click on <guibutton>Add</guibutton> button.
- </para>
- <para>
- After following the instructions above, you will be presented with a
- dialog to fill in. The fields are detailed below.
- </para>
- <variablelist>
- <varlistentry>
- <term>Key Type</term>
- <listitem>
- <para>
- Specifies the encryption algorithm used to generate a subkey.
- </para>
- <variablelist>
- <varlistentry>
- <term><acronym>DSA</acronym></term>
- <listitem>
- <para>
- Use the <emphasis>Digital Signature Algorithm</emphasis>
- (<acronym>DSA</acronym>) to create the subkey.
- This subkey can sign only.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>ElGamal</term>
- <listitem>
- <para>
- Use the <emphasis>ElGamal</emphasis> algorithm to create the subkey.
- This subkey can encrypt only.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>RSA</term>
- <listitem>
- <para>
- Use the <emphasis>Rivest-Shamir Adleman</emphasis> (<acronym>RSA</acronym>)
- algorithm to create the subkey. This subkey can be used to sign or encrypt,
- but you have to create two different subkeys.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Key Length</term>
- <listitem>
- <para>
- Indicates the length in bits of the subkey.
- In general the longer the key, the more security it provides.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Expiration Date</term>
- <listitem>
- <para>
- Indicates the date the subkey can no longer be used.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </sect2>
-
- <sect2 id="change-subkey-expires">
- <title>Changing a Subkey Expiration Date</title>
- <para>
- To change a subkey expiration date, select
- the subkey from the <guilabel>Subkeys</guilabel>
- section, then:
- <itemizedlist>
- <listitem>
- <para>
- Click on the <guibutton>Expire</guibutton> button on the left,
- </para>
- </listitem>
- <listitem>
- <para>
- From the date dialog choose the new expiration date or select
- <guilabel>Never expires</guilabel> for no expiration date.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </sect2>
-
- <sect2 id="revoke-subkey">
- <title>Revoking a Subkey</title>
- <para>
- To revoke a subkey, select the subkey from the <guilabel>Subkeys</guilabel>
- section, then:
- <itemizedlist>
- <listitem>
- <para>
- Click on the <guibutton>Revoke</guibutton> button on the left,
- </para>
- </listitem>
- <listitem>
- <para>
- Choose a reason why to revoke the subkey:
- </para>
- <para>
- <variablelist>
- <varlistentry>
- <term>No Reason</term>
- <listitem>
- <para>
- There isn't a specific reason to revoke the key.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Compromised</term>
- <listitem>
- <para>
- The key has been compromised.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Superseded</term>
- <listitem>
- <para>
- The key has been superseded by another one.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>Not Used</term>
- <listitem>
- <para>
- The key is not used anymore.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </para>
- </listitem>
- <listitem>
- <para>
- Enter a description of why you are revoking the key,
- </para>
- </listitem>
- <listitem>
- <para>
- Click on <guibutton>Revoke</guibutton>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- <note>
- <para>
- The effect of revoking a subkey is immediate.
- </para>
- </note>
- </sect2>
-
- <sect2 id="delete-subkey">
- <title>Deleting a Subkey</title>
- <para>
- To delete a subkey, select the subkey from the <guilabel>Subkeys</guilabel>
- section, then:
- <itemizedlist>
- <listitem>
- <para>
- Click on the <guibutton>Delete</guibutton> button on the left.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </sect2>
- </sect1>
-
- <sect1 id="ssh-key-properties">
- <title>Secure Shell Key Properties</title>
- <para>
- The descriptions in this section apply to all <acronym>SSH</acronym> keys.
- </para>
- <para>
- To view properties of a <acronym>SSH</acronym> key:
- <itemizedlist>
- <listitem>
- <para>
- Select the Secure Shell key
- from the main window,
- </para>
- </listitem>
- <listitem>
- <para>
- Double click on it or choose <guilabel>Properties</guilabel>
- from the toolbar,
- </para>
- </listitem>
- <listitem>
- <para>
- Select the <guilabel>Details</guilabel> tab.
- </para>
- </listitem>
- </itemizedlist>
- </para>
-
- <sect2 id="properties">
- <title>Properties</title>
- <para>
- <variablelist>
- <varlistentry>
- <term><guilabel>Fingerprint</guilabel></term>
- <listitem>
- <para>
- The fingerprint is a unique string of
- characters that exactly identifies a key.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Algorithm</guilabel></term>
- <listitem>
- <para>
- Specifies the encryption algorithm used to
- generate a key.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Location</guilabel></term>
- <listitem>
- <para>
- This is the location where the
- <emphasis>private key</emphasis>
- has been stored.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guilabel>Strength</guilabel></term>
- <listitem>
- <para>
- Indicates the length in bits of a key.
- In general the longer the key, the more
- security it provides.
- <note>
- <para>
- A long key is not enough to make up
- for the use of a weak passphrase.
- </para>
- </note>
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </para>
- </sect2>
-
- <sect2 id="delete-ssh-key">
- <title>Deleting a Secure Shell Key</title>
- <para>
- To delete a Secure Shell key:
- <itemizedlist>
- <listitem>
- <para>
- Select the <acronym>SSH</acronym> key from the main window,
- </para>
- </listitem>
- <listitem>
- <para>
- Right click on it and choose <guilabel>Delete key</guilabel> or choose
- <menuchoice>
- <guimenu>Edit</guimenu>
- <guimenuitem>Delete Key</guimenuitem>
- </menuchoice>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </sect2>
- </sect1>
-
- <sect1 id="import">
- <title>Importing Keys</title>
- <para>
- To import keys choose
- <menuchoice>
- <guimenu>Key</guimenu>
- <guimenuitem>Import</guimenuitem>
- </menuchoice> and select, from the file chooser, a file containing at least one ASCII armored public key.
- </para>
- <para>
- Importing can also be performed by pasting the keys inside <application>&app;</application>:
- <itemizedlist>
- <listitem>
- <para>
- Select an ASCII armored public block of text,
- </para>
- </listitem>
- <listitem>
- <para>
- Copy it to the clipboard,
- </para>
- </listitem>
- <listitem>
- <para>
- Choose
- <menuchoice>
- <guimenu>Edit</guimenu>
- <guimenuitem>Paste Keys</guimenuitem>
- </menuchoice>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </sect1>
-
- <sect1 id="export">
- <title>Exporting Keys</title>
- <para>
- To export keys, select the keys in the main window
- and choose
- <menuchoice>
- <guimenu>Key</guimenu>
- <guimenuitem>Export</guimenuitem>
- </menuchoice>.
- </para>
- <para>
- You can also export keys to the clipboard in an
- ASCII armored block of text:
- <itemizedlist>
- <listitem>
- <para>
- Select the keys in the main window,
- </para>
- </listitem>
- <listitem>
- <para>
- Choose
- <menuchoice>
- <guimenu>Edit</guimenu>
- <guimenuitem>Copy Keys</guimenuitem>
- </menuchoice>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </sect1>
-
- <sect1 id="backup">
- <title>Backing up Keyrings</title>
- <para>
- To back up your public and private keyrings to an archived file:
- <itemizedlist>
- <listitem>
- <para>
- Choose
- <menuchoice>
- <guimenu>Key</guimenu>
- <guimenuitem>Back up Keyrings</guimenuitem>
- </menuchoice>,
- </para>
- </listitem>
- <listitem>
- <para>
- Enter a file name with a valid archive extension and specify the
- location to save the archive.
- </para>
- </listitem>
- </itemizedlist>
- <note>
- <para>
- You can choose any of the archive types
- <application>file-roller</application>
- supports.
- </para>
- </note>
- </para>
- </sect1>
-
- <sect1 id="sign">
- <title>Signing a Key</title>
- <para>
- Signing another person's key means you are giving trust to that person.
- Before signing a key, you have to carefully check the key's fingerprint
- to be sure that the key really belongs to that person.
- </para>
- <para>
- To sign a key in your keyring:
- <itemizedlist>
- <listitem>
- <para>
- Select the key you want to sign from the
- <guilabel>Trusted Keys</guilabel> or
- <guilabel>Other Collected Keys</guilabel> tabs,
- </para>
- </listitem>
- <listitem>
- <para>
- Choose <guibutton>Sign</guibutton> from the toolbar
- or <menuchoice>
- <guimenu>Key</guimenu>
- <guimenuitem>Sign</guimenuitem>
- </menuchoice>,
- </para>
- </listitem>
- <listitem>
- <para>
- Select how carefully the key has been checked,
- </para>
- </listitem>
- <listitem>
- <para>
- Indicate if the signature should be local to your keyring,
- and if your signature can be revoked,
- </para>
- </listitem>
- <listitem>
- <para>
- Click on <guibutton>Sign</guibutton>.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </sect1>
-
<sect1 id="file-manager">
<title>File Manager Integration</title>
<para>
@@ -1394,7 +228,7 @@
<sect1 id="text-editor">
<title>Text Editor Integration</title>
<para>
- To enable Text Encryption plugin in <application><ulink url="ghelp:gedit" type="help">Gedit</ulink></application>, the GNOME text editor, perform the following steps:
+ To enable the Text Encryption plugin in <application><ulink url="ghelp:gedit" type="help">Gedit</ulink></application>, the GNOME text editor, perform the following steps:
<itemizedlist>
<listitem>
<para>
@@ -1492,72 +326,114 @@
</para>
</sect2>
</sect1>
-
- <sect1 id="preferences">
- <title>Preferences</title>
+ <sect1 id="web-browser">
+ <title>Web Browser Integration</title>
<para>
- This section describes the preferences settable in <application>&app;</application>.
+ This extension allows encryption, decryption, signing and importing of the contents of text fields.
</para>
-
- <sect2 id="view-preferences">
- <title>View preferences</title>
+ <para>
+ To enable the encryption extension in <application><ulink url="ghelp:epiphany-browser" type="help">Epiphany Web Browser</ulink></application>, the GNOME web browser, perform the following steps:
+ <itemizedlist>
+ <listitem>
+ <para>
+ Run <application>Epiphany Web Browser</application> by choosing
+ <menuchoice>
+ <guimenu>Applications</guimenu>
+ <guimenuitem>Internet</guimenuitem>
+ <guimenuitem>Epiphany Web Browser</guimenuitem>
+ </menuchoice>,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Choose
+ <menuchoice>
+ <guimenu>Tools</guimenu>
+ <guimenuitem>Extensions</guimenuitem>
+ </menuchoice>,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Select the <guilabel>Seahorse</guilabel> plugin.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ <sect2 id="encrypt-wb">
+ <title>Encrypting Text</title>
<para>
- These options control wich columns are visible in the key manager.
+ To encrypt the contents of a text text input field in <application>Epiphany Web Browser</application>, perform the following steps:
+ <itemizedlist>
+ <listitem>
+ <para>
+ Right click in the text input field you want to encrypt, and choose
+ <menuchoice>
+ <guimenuitem>Encrypt</guimenuitem>
+ </menuchoice>,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Select the people you want to encrypt the text to, and click <guilabel>OK</guilabel>.
+ </para>
+ </listitem>
+ </itemizedlist>
+ The encrypted text will now appear in the text input field.
</para>
+ </sect2>
+ <sect2 id="sign-wb">
+ <title>Signing Text</title>
<para>
- To access this options choose
- <menuchoice>
- <guimenu>View</guimenu>
- </menuchoice>
- from the menubar.
+ To sign the contents of a text input field in <application>Epiphany Web Browser</application>, perform the following steps:
+ <itemizedlist>
+ <listitem>
+ <para>
+ Right click in the text input field you want to sign and choose
+ <menuchoice>
+ <guimenuitem>Sign</guimenuitem>
+ </menuchoice>,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Insert, if asked, the passphrase of your private key.
+ </para>
+ </listitem>
+ </itemizedlist>
+ The signed text will now appear in the text input field.
</para>
+ </sect2>
+ <sect2 id="decryptverify-wb">
+ <title>Decrypting/Verifing Text</title>
<para>
- <variablelist>
- <varlistentry>
- <term><guimenuitem>Types</guimenuitem></term>
- <listitem>
- <para>
- Shows the <guilabel>Type</guilabel> column, indicating whether the key
- is an OpenPGP, SSH key or a S/MIME certificate.
- </para>
- <note>
- <para>
- Certificates are not yet supported.
- </para>
- </note>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guimenuitem>Expiry</guimenuitem></term>
- <listitem>
- <para>
- Shows the <guilabel>Expiration Date</guilabel> column, indicating the date
- after which a key can no longer be used to encrypt or to sign.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guimenuitem>Trust</guimenuitem></term>
- <listitem>
- <para>
- Shows the <guilabel>Trust</guilabel> column, indicating the level at which you trust
- the person to verify the identity of other people when they sign keys.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><guimenuitem>Validity</guimenuitem></term>
- <listitem>
- <para>
- Shows the <guilabel>Validity</guilabel> column, indicating how well you know the key belongs to
- the person claiming it as their own.
+ To decrypt and/or verify the contents of a text input field in <application>Epiphany Web Browser</application>, perform the following steps:
+ <itemizedlist>
+ <listitem>
+ <para>
+ Right click in the text input field you want to decrypt/verify and choose
+ <menuchoice>
+ <guimenuitem>Decrypt/Verify</guimenuitem>
+ </menuchoice>,
</para>
- </listitem>
- </varlistentry>
- </variablelist>
+ </listitem>
+ <listitem>
+ <para>
+ Insert, if asked, the passphrase of your private key.
+ </para>
+ </listitem>
+ </itemizedlist>
+ The decrypted text will now appear in the text input field.
</para>
</sect2>
-
+ </sect1>
+
+ <sect1 id="preferences">
+ <title>Preferences</title>
+ <para>
+ This section describes the preferences settable in <application>&app;</application>.
+ </para>
+
<sect2 id="encrypt-pref">
<title>Encryption Preferences</title>
<para>
@@ -1565,12 +441,8 @@
<menuchoice>
<guimenu>System</guimenu>
<guimenuitem>Preferences</guimenuitem>
- <guimenuitem>Encryption Preferences</guimenuitem>
- </menuchoice> from the panel or
- <menuchoice>
- <guimenu>Edit</guimenu>
- <guimenuitem>Preferences</guimenuitem>
- </menuchoice> from within <application>&app;</application>.
+ <guimenuitem>Encryption and Keyrings</guimenuitem>
+ </menuchoice> from the panel.
</para>
<sect3 id="prefs">
@@ -1582,7 +454,7 @@
<term><guilabel>Default Key</guilabel></term>
<listitem>
<para>
- This is the key that will be used by <application>&app;</application> to sign files.
+ This is the key that will be used by applications and plugins to sign files.
It will also be the key that files will be encrypted to
if encrypt to self is selected.
</para>
@@ -1593,7 +465,7 @@
<listitem>
<para>
Sets the encrypt to self option, whether or not you will be added to the recipients list for
- all files encrypted by <application>&app;</application>.
+ all files that are encrypted.
</para>
<note>
<para>
@@ -1609,9 +481,9 @@
<sect3 id="password-cache">
<title>Passphrase Cache</title>
<para>
- Enabling <application>&app;</application>'s passphrase caching ability will allow you to
+ Enabling the passphrase caching ability will allow you to
perform many operations that require entering your passphrase without
- re-entering it every time. <command>seahorse-daemon</command> takes the
+ re-entering it every time. <command>seahorse-agent</command> takes the
place of <command>gpg-agent</command>. Letting the cached passphrases
expire is usually a good idea. This will then require re-entering your
passphrase, but adds security.
@@ -1659,89 +531,15 @@
</listitem>
</varlistentry>
</variablelist>
- </sect3>
-
- <sect3 id="key-servers">
- <title>Key Servers</title>
- <para>
- Keep your and other's keys up to date by syncing keys periodically with
- remote keyservers. Syncing will make sure that you have the latest
- signatures made on all of your keys so that the web of trust will be the
- most useful.
- </para>
- <para>
- <application>&app;</application> provides support for HKP and LDAP keyservers.
- </para>
- <variablelist>
- <varlistentry>
- <term><emphasis>HKP Servers</emphasis></term>
- <listitem>
- <para>
- HKP keyservers are ordinary web based keyservers such as the
- popular <ulink url="hkp://pgp.mit.edu:11371" type="hkp">hkp://pgp.mit.edu:11371</ulink>, also accessible at
- <ulink url="http://pgp.mit.edu"; type="http">http://pgp.mit.edu</ulink>.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><emphasis><acronym>LDAP</acronym> Keyservers</emphasis></term>
- <listitem>
- <para>
- <acronym>LDAP</acronym> keyservers are less common, but use the standard LDAP
- protocol to serve keys.
- <ulink url="ldap://keyserver.pgp.com"; type="ldap">ldap://keyserver.pgp.com</ulink> is a good LDAP
- server.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </sect3>
-
- <sect3 id="key-sharing">
- <title>Key Sharing</title>
- <para>
- Key Sharing is provided by DNS-SD, also known as Bonjour or Rendevous.
- Enabling key sharing will add the local <application>&app;</application> users' public key rings
- to the remote search dialog. Using these local "key servers" will most
- likely be faster than accessing remote servers.
- </para>
- </sect3>
-
- <sect3 id="keyring">
- <title>GNOME Keyring</title>
- <para>
- You can change the password of the default key ring created
- the first time you saved a password, a passphrase to
- access a SSH server or any other secret during a GNOME
- session.
- </para>
- <para>
- To change the master password of the key ring, type the
- original password in the <guilabel>Original Master
- Password</guilabel> text box, the new password in the
- <guilabel>New Master Password</guilabel> text box and
- confirm it in the <guilabel>Confirm Master
- Password</guilabel> text box. To apply the settings, press
- <guibutton>Apply</guibutton>.
- If the original master password is correct, you will get a status
- message indicating the success of the operation. If the
- master password is not correct you will be asked to check
- its correctness.
- </para>
- <para>
- To clear all the text boxes,
- press <guibutton>Clear</guibutton>.
- </para>
- </sect3>
-
+ </sect3>
</sect2>
</sect1>
<sect1 id="about">
<title>About &app;</title>
<para>
- <application>&app;</application>, its associated plugins, the preferences applet and the panel
- applet are known collectively as &project;. &project; was written by Jacob Perkins. The current
+ <application>Passwords and Encryption Keys</application>, its associated plugins, the preferences applet and the panel
+ applet are known collectively as the &project;. The original author of the &project; is Jacob Perkins. The current
maintainers are Stef Walter and Adam Schreiber. This manual is by Adam Schreiber. The project's web
site was designed by Jim Pharis. To find more information about &project;, the project , please visit
the <ulink url="http://www.gnome.org/projects/seahorse/"; type="http">&project; web page</ulink>.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
