Most of this series has been independently translated into Portuguese by Rafael Beraldo. Thanks very much, Rafael!
With the growing popularity of operating systems with Linux kernels that do not primarily use GNU components in the base system, this series was retitled to “GNU/Linux Crypto” in May 2017 for less ambiguity and to give proper credit to the GNU Project.
Cryptography for authentication and encryption is a complex and frequently changing field, and for somebody new to using it, it can be hard to know where to start. If you’re a GNU/Linux user comfortable with the terminal, but unfamiliar with the cryptographic tools available to you on open source UNIX-like operating systems, this series of posts aims at getting you set up with some basic tools that will allow you to keep your own information secure, to authenticate conveniently and safely with remote servers, and to work with signed and encrypted files online.
I’ll be working on Debian GNU/Linux, but most of these tools should adapt well to other open source UNIX-likes, including BSD. Please feel free to comment on the articles with details relevant to your own implementations, or with extra security considerations for interested readers.
As a disclaimer, I’m not myself an expert on cryptographic algorithms or key security. If you are, and you find an error or security problem with any of my explanations or suggestions, please let me know and I will correct it and credit you.
I’ll be covering the following topics:
- GnuPG key generation and management
- GnuPG signing, verifying, encryption, and decryption
- SSH key generation and authentication
gpg-agent(1)
,ssh-agent(1)
, and the use ofkeychain(1)
- The
pass(1)
UNIX password manager - Encrypted/signed PGP mail with
mutt(1)
- Encrypted incremental backups with
duplicity(1)
- Encrypted USB drives with LUKS
- The importance of cryptography and its wide use
If you already know about a specific topic, feel free to skip around through the other articles.