- Print
- PDF
Download and install the GnuPG command line tools for your operating system. It is commonly advisable to install the latest version for your operating system.
Checking for existing GnuPG keys
Prior to generating a GnuPG key, check to see if you have any existing GnuPG keys.
Open the console.
Use the
gpg --list-secret-keys --keyid-format=long
command to display the long form of the GnuPG keys for which you have both a public and private key. Note that a private key is needed to read encrypted files (such as encrypted PCAP files that will get produced on sensors).
$ gpg --list-secret-keys --keyid-format=long
Note: Some GnuPG installations on Linux may necessitate you to use
gpg2 --list-keys --keyid-format=long
to observe a list of your existing keys instead. In this instance you will also need to configure Git to use gpg2
by running git config --global gpg.program gpg2
.- Verify the command output to detect if you have a GnuPG key pair.
gpg --list-secret-keys --keyid-format=long
/home/jdoe/.gnupg/pubring.kbx
------------------------------------
sec 4096R/E112110E159CAAF7 2020-01-01 [expires: 2025-01-01]
uid John Doe
ssb 4096R/B190940F788985D2 2020-01-01
- If there are no GnuPG key pairs, simply generate a new GnuPG key.
Note: Some GnuPG installations on Linux may necessitate you to use
gpg2 --list-keys --keyid-format LONG
in order to instead observe a list of your existing keys. In this case you will also need to configure Git to use gpg2
by running git config --global gpg.program gpg2
.- From the list of GnuPG keys, copy the long form of the GnuPG key ID that you would like to use. For this example, the GnuPG key ID is
E112110E159CAAF7
:
gpg --list-secret-keys --keyid-format=long
/home/jdoe/.gnupg/pubring.kbx
------------------------------------
sec 4096R/E112110E159CAAF7 2020-01-01 [expires: 2025-01-01]
uid John Doe
ssb 4096R/B190940F788985D2 2020-01-01
- Paste the text below, replacing with the GnuPG key ID that you would like to use. For this example, the GnuPG key ID is
E112110E159CAAF7
:
$ gpg --armor --export `E112110E159CAAF7`
# Prints the GPG key ID, in ASCII armor format
Copy your GnuPG key, starting with
-----BEGIN PGP PUBLIC KEY BLOCK-----
and ending with-----END PGP PUBLIC KEY BLOCK-----
.Write the GnuPG key to a file, and upload this file in the proper Analytics setting panel.
Generating a new GnuPG key
If you don't already have a GnuPG key, you can generate a new GnuPG key and seen next.
Generating a GnuPG key
Note: Prior to generating a new GnuPG key, ensure that the key is not be expired (an example expiration date is indicated in the GnuPG command output above;
expires: 2025-01-01
).Open the console.
Generate a GnuPG key pair. Because there are numerous GnuPG versions, you may have to refer to the applicable man page in order to locate the relevant key generation command. Note that the key must use RSA.
- If you are on version 2.1.17 or greater, paste the text below in order to generate a GnuPG key pair.
$ gpg --full-generate-key
- If you are not on version 2.1.17 or greater, the gpg -full-generate-key command will not work. Simply paste the text below and then jump to step 5.
$ gpg --default-new-key-algo rsa4096 --gen-key
Once at the prompt, determine the kind of key you would like, or simply press Enter to accept the default.
At the prompt, determine the key size that you would like, or press Enter to accept the default. Note that your key must be 4096 bits at the minimum.
Enter the length of time the key should be valid. Press Enter to specify the default selection and signify that the key does not expire.
Validate that your selections are accurate.
Enter your user ID information.
Create a secure passphrase.
Use the
gpg --list-secret-keys --keyid-format=long
command in order to list the long form of the GnuPG keys for which you have both a public and private key.
$ gpg --list-secret-keys --keyid-format=long
Note: Some GnuPG installations on Linux may necessitate you to use
gpg2 --list-keys --keyid-format LONG
in order to instead observe a list of your existing keys. In this case you will also need to configure Git to use gpg2
by running git config --global gpg.program gpg2
.- From the list of GnuPG keys, copy the long form of the GnuPG key ID that you would like to use. For this example, the GnuPG key ID is
E112110E159CAAF7
:
gpg --list-secret-keys --keyid-format=long
/home/jdoe/.gnupg/pubring.kbx
------------------------------------
sec 4096R/E112110E159CAAF7 2020-01-01 [expires: 2025-01-01]
uid John Doe
ssb 4096R/B190940F788985D2 2020-01-01
- Paste the text below, replacing with the GnuPG key ID that you would like to use. For this example, the GnuPG key ID is
E112110E159CAAF7
:
$ gpg --armor --export `E112110E159CAAF7`
# Prints the GPG key ID, in ASCII armor format
Copy your GnuPG key, starting with
-----BEGIN PGP PUBLIC KEY BLOCK-----
and ending with-----END PGP PUBLIC KEY BLOCK-----
.Write the GnuPG key to a file, and upload this file in the proper Analytics setting panel.
Adding a new GnuPG key to (relevant setting panel in the UI)
TBD
© 2024 Cisco and/or its affiliates. All rights reserved.
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms
For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks