Modifying Key Properties

You can modify properties of existing OpenPGP or SSH keys.

Editing OpenPGP Key Properties

The descriptions in this section apply to all OpenPGP keys.

  1. Click Computer+More Applications+Utilities+Passwords and Encryption Keys.

  2. Double-click the PGP key you want to view or edit. (or select the key, then click on Properties in toolbar).

  3. Use the options on theOwner tab to add a photo to the key or to change the passphrase associated with the key.

    Photo IDs allow a key owner to embed one or more pictures of themselves in a key. These identities can be signed just like normal user IDs. A photo ID must be in JPEG format. The recommended size is 120×150 pixels.

    If the chosen image does not meet the required file type or size, Passwords and Encryption Keys can resize and convert it on the fly from any image format supported by the GDK library.

  4. Click the Names and Signatures tab to add a user ID to a key.

    See Section 8.3.1.1, “Adding a User ID” for more information.

  5. Click the Details tab, which contains the following properties:

    Key ID:  The Key ID is similar to the Fingerprint, but the Key ID contains only the last eight characters of the fingerprint. It is generally possible to identify a key with only the Key ID, but sometimes two keys might have the same Key ID.

    Type:  Specifies the encryption algorithm used to generate a key. DSA keys can only sign. ElGamal keys are used to encrypt.

    Strength:  Specifies the length, in bits, of the key. The longer the key, the more security it provides. However, a long key will not compensate for the use of a weak passphrase.

    Fingerprint:  A unique string of characters that exactly identifies a key.

    Created:  The date the key was created.

    Expires:  The date the key can no longer be used (a key can no longer be used to perform key operations after it has expired). Changing a key's expiration date to a point in the future re-enables it. A good general practice is to have a master key that never expires and multiple subkeys that do expire and are signed by the master key.

    Overide Owner Trust:  Here you can set the level of trust in the owner of the key. Trust is an indication of how sure you are of a person's ability to correctly extend the web of trust. When you are faced with a key you have not signed, the validity of that person's key will be determined based on the signatures they have collected and how well or not you trust the people who have made those signatures.

    Exportr Complete Key:  Exports the key to a file.

    Subkeys:  See Section 8.3.1.2, “Editing OpenPGP Subkey Properties” for more information.

  6. Click Close.

Adding a User ID

User IDs allow multiple identities and email addresses to be used with the same key. Adding a user ID is useful, for example, when you want to have an identity for your job and one for your friends. They take the following form:

Name (comment) <e-mail address>
  1. Click Computer+More Applications+Utilities+Passwords and Encryption Keys.

  2. Double-click the PGP key you want to view or edit (or select the key, then click Properties in the toolbar).

  3. Click the Names and Signatures tab, then click Add Name.

  4. Specify a name in the Full Name field.

    You must enter at least five characters in this field.

  5. Specify an email address in the Email Address field.

    Your email address is how most people will locate your key on a key server or other key provider. Make sure it is correct before continuing.

  6. In the Key Comment field, specify additional information that will display in the name of your new ID

    This information can be searched for on key servers.

  7. Click Close.

Editing OpenPGP Subkey Properties

Each OpenPGP key has a single master key used to sign only. Subkeys are used to encrypt and to sign as well. In this way, if your sub key is compromised, you don't need to revoke your master key.

  1. Click Computer+More Applications+Utilities+Passwords and Encryption Keys.

  2. Double-click the PGP key you want to edit (or select the key, then click Properties in the toolbar).

  3. Click the Details tab, then click Subkeys.

  4. Use the button to on the left of the dialog box to add, delete, expire, or revoke subkeys.

    Each subkey has the following information:

    ID:  The identifier of the subkey.

    Type:  Specifies the encryption algorithm used to generate a subkey. DSA keys can only sign, ElGamal keys are used to encrypt, and RSA keys are used to sign or to encrypt.

    Created:  Specifies the date the key was created.

    Expires:  Specifies the date the key can no longer be used.

    Status:  Specifies the status of the key.

    Strength:  Specifies the length, in bits, of the key. The longer the key, the more security it provides. However, a long key will not compensate for the use of a weak passphrase.

  5. Click Close.

Editing Secure Shell Key Properties

The descriptions in this section apply to all SSH keys.

  1. Click Computer+More Applications+Utilities+Passwords and Encryption Keys.

  2. Double-click the Secure Shell key you want to view or edit (or select the key, then click Properties in the toolbar).

  3. Use the options on the Key tab to change the name of the key or the passphrase associated with the key.

  4. Click the Details tab, which contains the following properties:

    Algorithm:  Specifies the encryption algorithm used to generate a key.

    Strength:  Indicates the length in bits of a key. The longer the key, the more security it provides. However, a long key does not make up for the use of a weak passphrase.

    Location:  The location where the private key has been stored.

    Fingerprint:  A unique string of characters that exactly identifies a key.

    Export Complete Key:  Exports the key to a file.

  5. Click Close.