Silk Road forums
Discussion => Security => Topic started by: kwantum on August 15, 2013, 05:28 pm
-
I'm aware that most know how to generate a 4096-bit key, but I still want to create a basic tutorial on how to do this because it's important to stay secure as LE improves their decryption capabilites.
1. Search "cmd" in the start bar, right-click, and "run as administrator"
2. Type the following in the terminal
gpg --gen-key
3. You will now be prompted to select the type of key you want from the following selection:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Please type "1", and press enter. This will allow both encryption and signing.
4. Now, you will be asked to enter a keysize. Make sure you type "4096" and press enter.
5. When asked for a key expiration date, press "0" so the key does not expire, press enter, and then type "y" to confirm your selection.
6. GnuPG will now ask for your real name. DO NOT enter your real name; instead, it's a good idea to enter your SR username if this key will only be used for SR.
7. If you have an email address only exclusively for SR, you can input here. Don't add any comments to your key.
8. GPA will now show the following:
Change (N)ame, (C)omment, (E)mail, or (O)kay/(Q)uit?
Please type "O" (the letter), and press enter.
9. You will now be prompted to enter your passphrase. Here are some guidelines to ensure you have a strong password:
A strong password:
has at least 15 characters;
has uppercase letters;
has lowercase letters;
has numbers;
has symbols, such as ` ! " ? $ ? % ^ & * ( ) _ - + = { [ } ] : ; @ ' ~ # | \ < , > . ? /
is not like your previous passwords;
is not your name;
is not your login;
is not your friend’s name;
is not your family member’s name;
is not a dictionary word;
is not a common name;
is not a keyboard pattern, such as qwerty, asdfghjkl, or 12345678.
Please enter your password, and then re-enter it.
10. Your key will now be generated; to increase entropy, move your mouse, type on the keyboard, and perhaps open a program.
ADDITIONAL INFORMATION:
To send an encrypted message to a vendor, please copy the vendor's public key (on his/her profile), open "GPA", and press CTRL+V, which will import the key to your keyring. Then click on "Clipboard", input your message, press "encrypt" and sign from your key. Your message will then be encrypted; send that to your vendor and he/she will be able to decrypt without your public key.
To export your public key (so that a vendor can send you an encrypted message), please open "GPA", right-click on your key, and click "Export key". Open this .asc file with Notepad.
Hopefully this tutorial will help some of the beginners out, and I plan to release some more useful tutorials in the future, so stay tuned!