• Immutable Page
• Info
• Attachments
• More Actions: Raw Text Print View Render as Docbook Delete Cache ------------------------ Check Spelling Like Pages Local Site Map ------------------------ Rename Page Delete Page ------------------------ Subscribe User ------------------------ Remove Spam Revert to this revision Package Pages Sync Pages ------------------------ Load Save SlideShow

OpenPGP allows you to sign documents, such as emails or text files, using a digital key. Launchpad uses OpenPGP during a small number of tasks where it's important to confirm your identity.

You can use most of Launchpad without OpenPGP. However, if you want to sign the Ubuntu Code of Conduct or use the Bug Tracker's email interface, you need to register an OpenPGP key in your Launchpad account.

Creating your OpenPGP keys

OpenPGP uses two types of digital key: one public, one private. Each time you sign a document, OpenPGP appends a unique code to it, produced using the private key. That unique code is your digital signature and can be opened only with the public key.

You can generate both keys using the GPG tool. If you're running Ubuntu, and most other Linux-based operating systems, GPG is ready to use.

Note: This guide is written for GPG 1.4.3, supplied with Ubuntu 6.10. If your version of GPG differs significantly, you may prefer to follow the [http://www.gnupg.org/gph/en/manual.html#AEN26 GPG manual].

Step 1: Open a terminal (the command prompt) and type:

gpg --gen-key

Step 2: GPG will now ask you a number of questions about the type of key you want to generate. Don't worry, follow the steps below to select the default option each time.

The first question asks what type of key you want to generate. Press Enter to select the default.

Step 3: Press Enter again, to select the default key size.

Step 4: You can choose to set an expiry date for your key. Expiry dates are useful if you're dealing with highly secure content. Press Enter to choose a non-expiring key, then press y followed by Enter to confirm.

Step 5: To help identify your key, GPG combines your name, email address and any comment you choose. Enter your real name, when prompted, then press Enter.

Step 6: Enter the email address that you're most likely to use with your Launchpad account, then press Enter.

Step 7: Optionally, enter a comment, such as My main OpenPGP key, then press Enter.

Step 8: GPG will show you its proposed id for the key. For example:

You selected this USER-ID:
    "Matthew Revell (My test OpenPGP key) <test@matthewrevelltest.com>"

If you're happy with the id, press the letter O (for Okay), then Enter.

Step 9: You must protect your key with a password. Enter, then confirm, a password that other people can't easily guess but that is memorable to you.

Important: If you forget this password there is no way to retrieve it and your key will become useless.

Step 10: GPG will now generate your keys. To increase the strength of your keys, you should type randomly on your keyboard. This gives GPG extra data from which to generate your keys.

Your keys are now stored as public.key and private.key in the current directory.

Step 11: Check that your key has been generated by typing gpg --list-keys and, if successful, you'll see a message similar to:

/home/matthew/.gnupg/pubring.gpg
--------------------------------

pub   1024D/12345678 2007-01-26
uid                  Matthew Revell (My test OpenPGP key) <test@matthewrevelltest.com>
sub   2048g/9ABCDEF1 2007-01-26

Make a note of the pub id, which is 1024D/13245678 in the example above.

Step 12: Launchpad doesn't store your key directly, so you need to export your public key to a key server, such as keyserver.ubuntu.com:

gpg --send-keys --keyserver keyserver.ubuntu.com 12345678

Replace 12345678 with the pub id you noted in step 11. If successful, GPG will display a message similar to:

gpg: sending key 12345678 to hkp server keyserver.ubuntu.com