Beyond Linux® From Scratch - Version 6.3

Chapter 4. Security

GnuPG-2.0.8

Introduction to GnuPG 2

The GnuPG 2 package is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by several RFCs. GnuPG 2 is the stable version of GnuPG integrating support for OpenPGP and S/MIME. It does not conflict with an installed GnuPG-1.4.7 OpenPGP-only version.

Package Information

GnuPG Dependencies

Required

Pth-2.0.7, Libassuan-1.0.4, Libgcrypt-1.2.4, and Libksba-1.0.2

Optional

OpenLDAP-2.3.39, libusb-0.1.12, cURL-7.16.3, and an MTA

Optional (Run-time Requirement For Most of the Package's Functionality)

PIN-Entry-0.7.3

User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gnupg2

Installation of GnuPG 2

Install GnuPG 2 by running the following commands: 

./configure --prefix=/usr --libexecdir=/usr/lib/gnupg2 &&
make

If you have teTeX-3.0 installed and you wish to create documentation in alternate formats, issue the following commands: 

make -C doc pdf ps html &&
makeinfo --html --no-split -o doc/gnupg_nochunks.html doc/gnupg.texi &&
makeinfo --plaintext       -o doc/gnupg.txt           doc/gnupg.texi

To test the results, issue: make check.

Now, as the root user: 

make install &&

install -v -m755 -d         /usr/share/doc/gnupg-2.0.8 &&
ln -sv ../../gnupg/FAQ      /usr/share/doc/gnupg-2.0.8 &&
ln -sv ../../gnupg/faq.html /usr/share/doc/gnupg-2.0.8 &&

install -v -m644 doc/{DETAILS,KEYSERVER,OpenPGP,TRANSLATE} \
                            /usr/share/doc/gnupg-2.0.8

If you created alternate formats of the documentation, install it using the following command as the root user: 

install -v -m755 -d /usr/share/doc/gnupg-2.0.8/html       &&
install -v -m644 doc/gnupg.html/* \
                    /usr/share/doc/gnupg-2.0.8/html       &&
install -v -m644 doc/gnupg_nochunks.html \
                    /usr/share/doc/gnupg-2.0.8/gnupg.html &&
install -v -m644 doc/*.texi \
                    /usr/share/doc/gnupg-2.0.8            &&
install -v -m644 doc/gnupg.{pdf,dvi,ps,txt} \
                    /usr/share/doc/gnupg-2.0.8

Command Explanations

--libexecdir=/usr/lib/gnupg2: This switch creates a gnupg directory in /usr/lib instead of /usr/libexec.

Contents

Installed Programs: addgnupghome, applygnupgdefaults, gpg-agent, gpg-connect-agent, gpg2, gpgconf, gpgkey2ssh, gpgparsemail, gpgsm, gpgsm-gencert.sh, gpgv2, kbxutil, scdaemon, symcryptrun, and watchgnupg
Installed Libraries: None
Installed Directories: /usr/lib/gnupg2, /usr/share/gnupg and /usr/share/doc/gnupg2-2.0.8

Short Descriptions

addgnupghome

is used to create and populate user's ~/.gnupg directories

applygnupgdefaults

is a wrapper script used to run gpgconf with the --apply-defaults parameter on all user's GnuPG home directories.

gpg-agent

is a daemon used to manage secret (private) keys independently from any protocol. It is used as a backend for gpg and gpgsm as well as for a couple of other utilities.

gpg-connect-agent

is a utility used to communicate with a running gpg-agent.

gpg2

is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a tool used to provide digital encryption and signing services using the OpenPGP standard.

gpgconf

is a utility used to automatically and reasonable safely query and modify configuration files in the ~/.gnupg home directory. It is designed not to be invoked manually by the user, but automatically by graphical user interfaces.

gpgparsemail

is a utility currently only useful for debugging. Run it with --help for usage information.

gpgsm

is a tool similar to gpg used to provide digital encryption and signing services on X.509 certificates and the CMS protocol. It is mainly used as a backend for S/MIME mail processing.

gpgsm-gencert.sh

is a simple tool used to interactivly generate a certificate request which will be printed to stdout.

gpgv2

is a verify only version of gpg2.

kbxutil

is used to list, export and import Keybox data.

scdaemon

is a daemon used to manage smartcards. It is usually invoked by gpg-agent and in general not used directly.

symcryptrun

is a simple symmetric encryption tool.

watchgnupg

is used to listen to a Unix Domain socket created by any of the GnuPG tools.

Last updated on 2008-08-24 11:52:33 -0500