Each OpenPGP key has a single master key used to sign only. A subkey is used to encrypt and to sign as well. In this way, if your subkey is compromised, you don't need to revoke your master key.
- ID
-
This is the identifier of the subkey.
- Type
-
Specifies the encryption algorithm used to generate a subkey. DSA keys can only sign, ElGamal keys are used to encrypt while RSA keys are used to sign or to encrypt.
- Created
-
Indicates the date the key was created.
- Expires
-
Indicates the date the key can no longer be used.
- Status
-
Indicates the status of the key.
- Strength
-
Indicates the length in bits of the key. In general the longer the key, the more security it provides.
A long key is not enough to make up for the use of a weak passphrase.
To add a subkey to a key, from the Subkeys section click on Add button.
After following the instructions above, you will be presented with a dialogue to fill in. The fields are detailed below.
- Key Type
-
Specifies the encryption algorithm used to generate a subkey.
- DSA
-
Use the Digital Signature Algorithm (DSA) to create the subkey. This subkey can sign only.
- ElGamal
-
Use the ElGamal algorithm to create the subkey. This subkey can encrypt only.
- RSA
-
Use the Rivest-Shamir Adleman (RSA) algorithm to create the subkey. This subkey can be used to sign or encrypt, but you have to create two different subkeys.
- Key Length
-
Indicates the length in bits of the subkey. In general the longer the key, the more security it provides.
- Expiration Date
-
Indicates the date the subkey can no longer be used.
To change a subkey expiration date, select the subkey from the Subkeys section, then:
-
Click on the Expire button on the left,
-
From the date dialogue choose the new expiration date or select Never expires for no expiration date.
To revoke a subkey, select the subkey from the Subkeys section, then:
-
Click on the Revoke button on the left,
-
Choose a reason why to revoke the subkey:
- No Reason
-
There isn't a specific reason to revoke the key.
- Compromised
-
The key has been compromised.
- Superseded
-
The key has been superseded by another one.
- Not Used
-
The key is not used anymore.
-
Enter a description of why you are revoking the key,
-
Click on Revoke.
The effect of revoking a subkey is immediate.
To delete a subkey, select the subkey from the Subkeys section, then:
-
Click on the Delete button on the left.
About
Copyrights
- Copyright © 2005, 2006, 2007, 2008, 2009 Jacob Perkins and Adam Schreiber
- Copyright © 2007 David Lodge (dave@cirt.net)
Legal Notice
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation Licence (GFDL), Version 1.1 or any later version published by the Free Software Foundation with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. You can find a copy of the GFDL at this link or in the file COPYING-DOCS distributed with this manual.
This manual is part of a collection of GNOME manuals distributed under the GFDL. If you want to distribute this manual separately from the collection, you can do so by adding a copy of the licence to the manual, as described in section 6 of the licence.
Many of the names used by companies to distinguish their products and services are claimed as trademarks. Where those names appear in any GNOME documentation, and the members of the GNOME Documentation Project are made aware of those trademarks, then the names are in capital letters or initial capital letters.
DOCUMENT AND MODIFIED VERSIONS OF THE DOCUMENT ARE PROVIDED UNDER THE TERMS OF THE GNU FREE DOCUMENTATION LICENCE WITH THE FURTHER UNDERSTANDING THAT:
-
DOCUMENT IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENT OR MODIFIED VERSION OF THE DOCUMENT IS FREE OF DEFECTS MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY AND PERFORMANCE OF THE DOCUMENT OR MODIFIED VERSION OF THE DOCUMENT IS WITH YOU. SHOULD ANY DOCUMENT OR MODIFIED VERSION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER, AUTHOR OR ANY CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENCE. NO USE OF ANY DOCUMENT OR MODIFIED VERSION OF THE DOCUMENT IS AUTHORISED HEREUNDER EXCEPT UNDER THIS DISCLAIMER; AND
-
UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE), CONTRACT OR OTHERWISE, SHALL THE AUTHOR, INITIAL WRITER, ANY CONTRIBUTOR OR ANY DISTRIBUTOR OF THE DOCUMENT OR MODIFIED VERSION OF THE DOCUMENT OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR LOSSES ARISING OUT OF OR RELATING TO USE OF THE DOCUMENT AND MODIFIED VERSIONS OF THE DOCUMENT, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES.
Feedback
To report a bug or make a suggestion regarding the Passwords and Encryption Keys application or this manual, follow the directions in the GNOME Feedback Page.