Objective 110.3: Securing Data with Encryption
The best way to communicate securely between two Linux systems is via SSH. SSH can be used either from the command line, opening a shell on another system, or as a wrapper around other TCP-based applications.
SSH supports multiple authentication schemes, including standard username/password and public/private key authentication.
The command ssh-keygen -t dsa will create a public/private key pair. The keys are stored as ~/.ssh/id_dsa (private key) and ~/.ssh/id_dsa.pub (public key).
Placing a copy of your public key in the file ~/.ssh/authorized_keys2 on a remote machine will allow you to perform passwordless, key-based authentication with that machine.
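The key installation described above, as an added shell example that is not part of the original notes. OpenSSH's sshd, with its default StrictModes setting, ignores a key file when the home directory, ~/.ssh or the file itself is writable by group or others, so the example sets and checks those modes. The function names and the key line are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the page); function names are hypothetical.
AUTH_FILE="authorized_keys2"   # file name used on this page

# install_pubkey HOME_DIR PUBKEY_FILE: append each key once, owner-only modes.
install_pubkey() {
    ssh_dir="$1/.ssh"; pubkey_file=$2
    [ -s "$pubkey_file" ] || { echo "no key in $pubkey_file" >&2; return 1; }
    # Refuse a private key handed over by mistake.
    if grep -q "PRIVATE KEY" "$pubkey_file"; then
        echo "refusing: $pubkey_file looks like a private key" >&2; return 1
    fi
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$ssh_dir/$AUTH_FILE" && chmod 600 "$ssh_dir/$AUTH_FILE" || return 1
    while IFS= read -r key || [ -n "$key" ]; do
        [ -n "$key" ] || continue
        # -x whole line, -F fixed string: skip a key that is already installed.
        grep -qxF -- "$key" "$ssh_dir/$AUTH_FILE" ||
            printf '%s\n' "$key" >> "$ssh_dir/$AUTH_FILE"
    done < "$pubkey_file"
}

# check_ssh_perms HOME_DIR: return 1 if any path is group- or world-writable.
check_ssh_perms() {
    rc=0
    for p in "$1" "$1/.ssh" "$1/.ssh/$AUTH_FILE"; do
        [ -e "$p" ] || { echo "missing: $p" >&2; rc=1; continue; }
        # find prints the path only if a group or other write bit is set.
        if [ -n "$(find "$p" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "too permissive: $p" >&2; rc=1
        fi
    done
    return $rc
}

# Demo in a throwaway directory with a constructed (not real) key line.
demo=$(mktemp -d)
printf '%s\n' 'ssh-dss AAAA-constructed-not-a-real-key user@example' > "$demo/id_dsa.pub"
install_pubkey "$demo" "$demo/id_dsa.pub" && check_ssh_perms "$demo" &&
    echo "ok: $demo/.ssh/$AUTH_FILE"
rm -rf "$demo"
```

On a real account, pass the user's home directory and the .pub file copied from the client; the private key never leaves the client.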
The command gpg --gen-key will create a public/private key pair to use with the GNU Privacy Guard (GPG). These keys will be stored in ~/.gnupg/.
To encrypt a file with another user’s public key, you must:
Import the user’s public key into your keyring: gpg --import bobskey.asc
Use that key to encrypt a file: gpg -e -u "My Name" -r "Bobs Name" /tmp/filename.txt