A compatible set of GNU packages (Java-like) is provided that allow you to run Java applets. From the Ubuntu multiverse repository you can install the original JRE and SDK from Sun packaged for Ubuntu.
Ubuntu supports a Java-like collection of support packages that enable the use of Java Runtime operations. There is no official name for this collection, though it is usually referred to as java-gcj-compat, as well as Java-like. This collection provides a free and open source environment, consisting of three packages: the GNU Java runtime (libgcj), the Eclipse Java compiler (ecj), and a set of wrappers and links (java-gcj-compat). It is available as part of the Ubuntu main repository. Use the gcj-web-plugin for supporting Java in Web browsers.
You can also download and install the Sun version of the JRE, now included in the Ubuntu multiverse repository. Use the Synaptic Package Manager and search on sun-java5. These Debian versions are packaged for installation on Ubuntu (multiverse development repository). Alternatively, you can download and install the JRE and SDK directly from Sun (www.java.com). The SDK and JRE are available in the form of self-extracting compressed archives (.bin).
NOTE Numerous additional Java-based products and tools are currently adaptable for Linux. Many of the products, such as the Java Web server, run directly as provided by Sun. You can download several directly from the Sun Java Web site at http://java.sun.com.
Sun now provides an open source development environment called IcedTea, which is designed for developing completely open source Java applications. OpenJDK provides a Java development platform; detailed descriptions of features can be found in the SDK documentation, http://java.sun.com/docs.
FTP Clients
With File Transfer Protocol (FTP) clients, you can connect to a corresponding FTP site and download files from it. FTP clients are commonly used to download software from public FTP sites that operate as software repositories. Most Linux software applications can be downloaded to your Linux system from such sites, which feature anonymous logins that let any user access their files. A distribution site such as ftp.redhat.com is an example of one such FTP site, holding an extensive set of packaged Linux applications you can download using an FTP client and then easily install on your system. Basic FTP client capabilities are incorporated into the Konqueror (KDE) and Nautilus (GNOME) file managers. You can use a file manager window to access an FTP site and drag files to local directories to download them. Effective FTP clients are also now incorporated into most Web browsers, making browsers a primary downloading tool. Firefox in particular has strong FTP download capabilities.
Although file managers and Web browsers provide effective access to public (anonymous login) sites, you may need a standalone FTP client such as curl, wget, gFTP, or ftp to access private sites. These clients let you enter usernames and passwords with which you can access a private FTP site. The standalone clients are also useful for large downloads from public FTP sites, especially those with little or no Web display support. Popular Linux FTP clients are listed in Table 16-4.
Network File Transfer: FTP
You can transfer extremely large files directly from one site to another using FTP, which can handle both text and binary files. This TCP/IP protocol operates on systems connected to networks that use TCP/IP, such as the Internet. FTP performs a remote login to another account on another system to which you connect through your network. Once logged in to that other system, you can transfer files to and from it. To log in, you need to know the login name and password for the account on the remote system. For example, if you have accounts at two different sites on the Internet, you can use FTP to transfer files from one to the other. Many sites on the Internet allow public access using FTP, however. Such sites serve as depositories for large files that anyone can access and download. These sites are often referred to as FTP sites, and in many cases their Internet addresses begin with ftp, such as ftp.gnome.org or ftp.ubuntu.com. These public sites allow anonymous FTP login from any user. For the login name, use the word anonymous, and for the password, use your e-mail address. You can then transfer files from that site to your own system.
You can perform FTP operations using an FTP client program; for Linux systems, you can choose from several FTP clients. Many now operate using GUIs such as GNOME. Some, such as Firefox, have limited capabilities, whereas others, such as NcFTP, include an extensive set of enhancements. The original FTP client is just as effective, though not as easy to use. It operates using a simple command line interface and requires no GUI or cursor support as other clients do.
The Internet has a great many sites open to public access that contain files anyone can obtain using FTP. Unless you already know where a file is located, however, finding it can be difficult. To search for files on FTP sites, you can use search engines such as Yahoo! or Google. For Linux software, you can check sites such as http://freshmeat.net, http://sourceforge.net, http://apps.kde.com, and www.gnome.org. These sites usually search for both Web pages and FTP files.
Web Browser–Based FTP: Firefox
You access an FTP site and download files from it with any Web browser. When you access an FTP site, the entire list of files in a directory is listed as a Web page. You can move to a subdirectory by clicking its entry. With Firefox, you can easily browse through an FTP site to download files: just click the download link. This will start the transfer operation, opening a dialog for selecting your local directory and the name for the file. The default name is the same as on the remote system. You can manage your downloads with the download manager, which will let you cancel a download operation in progress or remove other downloads requested. The manager will show the time remaining, the speed, and the amount transferred for the current download. Browsers are useful for locating individual files, though not for downloading a large set of files, as is usually required for a system update.

FTP Client    Description
Firefox       Mozilla Web and FTP browser
Konqueror     KDE file manager
Nautilus      GNOME file manager
gFTP          GNOME FTP client
ftp           Command line FTP client
lftp          Command line FTP client capable of multiple connections
NcFTP         Screen-based FTP client
curl          Internet transfer client (FTP and HTTP)
TABLE 16-4 Linux FTP Clients
The KDE File Managers: Konqueror and Dolphin
On KDE, the Konqueror and Dolphin desktop file managers have built-in FTP capability. The FTP operation has been seamlessly integrated into standard desktop file operations. Downloading files from an FTP site is as simple as copying files by dragging them from one directory window to another, but one of the directories happens to be located on a remote FTP site. On the KDE desktop, you can use a file manager window to access a remote FTP site. Files in the remote directory are listed just as your local files are.
To download files from an FTP site, you open a window to access that site, entering the URL for the FTP site in the window's location box. Use the ftp:// protocol for FTP access. You can also use the fish:// protocol for FTP access using SSH secure connections. Once connected, open the directory you want, and then open another window for the local directory to which you want the remote files copied. In the window showing the FTP files, select the ones you want to download. Then drag-and-drop those files to the window for the local directory. A pop-up menu appears with choices for Copy, Link, or Move. Select Copy to download the selected files. Another window opens, showing the download progress and displaying the name of each file in turn, along with a bar indicating the percentage downloaded so far.
GNOME Desktop FTP: Nautilus
The easiest way to download files is to use the built-in FTP capabilities of the GNOME file manager, Nautilus. The FTP operation has been seamlessly integrated into standard desktop file operations. Downloading files from an FTP site is as simple as dragging files from one directory window to another, where one of the directories happens to be located on a remote FTP site. Use Nautilus to access a remote FTP site, listing files in the remote directory just as local files are. Just enter the FTP URL following the prefix ftp:// and press enter. The top directory of the remote FTP site will be displayed. Use Nautilus to progress through the remote FTP site's directory tree until you find the file you want. Then open another window for the local directory to which you want the remote files copied. In the window showing the FTP files, select those you want to download. Then ctrl-click and drag those files to the window for the local directory. Ctrl-clicking performs a copy operation, not a move. As files are downloaded, a dialog appears showing the progress.
gFTP
The gFTP program is a simpler GNOME FTP client designed to let you make standard FTP file transfers. The gFTP window consists of several panes: the top-left pane lists files in your local directory, and the top-right pane lists your remote directory. Subdirectories have folder icons preceding their names. The parent directory can be referenced by the double period entry (..) with an up arrow at the top of each list. Double-click a directory entry to access it. The pathnames for all directories are displayed in boxes above each pane. You can enter a new pathname to change to a different directory.
Click Connect to connect to that site. A drop-down menu for sites lets you choose the site you want. Interrupted downloads can be restarted easily.
wget
The wget tool lets you access Web and FTP sites for particular directories and files. Directories can be recursively downloaded, letting you copy an entire Web site. The wget command takes as its option the URL for the file or directory you want. Helpful options include -q for quiet, -r for recursive (directories), -b to download in the background, and -c to continue downloading an interrupted file. One of the drawbacks is that your URL reference can be very complex. You have to know the URL already; you cannot interactively locate an item as you would with an FTP client. The following would download the Ubuntu DVD in the background:
You can also use brackets to specify a range of multiple items. This can be very useful for downloading archived files that have the same root name with varying extensions, such as different issues of the same magazine. Curl can download using any protocol and will try to intelligently guess the protocol to use if none is provided. Check the curl man page for more information.
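The wget and curl passages above describe fetching large archives over plain FTP or HTTP, which carries no integrity protection of its own. The following script is an added example, not from the book: it wraps wget -c (resume) in a function that checks the downloaded file against a SHA-256 digest before keeping it, and shows the curl bracket-range form in a comment. The URLs, file names and digest values are placeholders I made up; the helper and variable names are my own, not wget or curl options.

```shell
#!/bin/sh
# Added example: resumable download followed by an integrity check.
# Placeholder values throughout; nothing here refers to a real release.

# sha256_of FILE: print the hex SHA-256 digest with whichever tool exists.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_checksum FILE EXPECTED: returns 0 if the digest matches, 1 otherwise.
verify_checksum() {
    actual=$(sha256_of "$1") || return 1
    [ "$actual" = "$2" ]
}

# fetch_and_verify URL EXPECTED_SHA256
# Downloads into the current directory under the remote file name. -c resumes
# a partial file left by an earlier interrupted run; -q silences the progress
# display (drop it to watch a long transfer). A file whose digest does not
# match the published value is deleted rather than left around to be used.
fetch_and_verify() {
    url=$1; expected=$2; dest=$(basename "$url")
    wget -c -q "$url" || return 1
    if verify_checksum "$dest" "$expected"; then
        echo "verified: $dest"
    else
        echo "checksum mismatch for $dest; discarding" >&2
        rm -f "$dest"
        return 1
    fi
}

# The digest must come from somewhere you trust (a signed SHA256SUMS file, the
# project's HTTPS page), not from the same unauthenticated FTP directory as the
# download, or the check proves nothing.
#
# Placeholder invocations (not run here):
#   fetch_and_verify ftp://ftp.example.org/pub/ubuntu-dvd.iso <digest-from-signed-SHA256SUMS>
#
# curl equivalent of the bracket range described in the text: issues 1 to 12 of
# a magazine with the same root name, each saved under its remote file name.
#   curl -O "ftp://ftp.example.org/pub/magazine-[1-12].pdf"
```

Run the script in the directory where the download should land; a second run after an interruption resumes the partial file and re-verifies the whole thing.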
ftp
The name ftp designates the original FTP client used on Unix and Linux systems. The ftp client uses a command line interface, and it has an extensive set of commands and options you can use to manage your FTP transfers. Alternatively, you can use sftp for more secure access. The sftp client has the same commands as ftp, but provides Secure Shell (SSH) encryption. Also, if you installed the Kerberos clients, a Kerberized version of ftp is set up, which provides for secure authentication from Kerberos servers. It has the same name as the ftp client (an ftp link to Kerberos ftp) and also the same commands.
You start the ftp client by entering the command ftp at a shell prompt. If you want to connect to a specific site, you can include the name of that site on the command line after the ftp keyword. Otherwise, you need to connect to the remote system with the ftp command open. You are then prompted for the name of the remote system with the prompt (to). When you enter the remote system name, ftp connects you to the system and then prompts you for a login name. The prompt for the login name consists of the word Name and, in parentheses, the system name and your local login name. Sometimes the login name on the remote system is the same as the login name on your own system. If the names are the same, press enter at the prompt. If they are different, enter the remote system's login name. After entering the login name, you are prompted for the password.
In the next example, the user connects to the remote system garnet and logs in to the robert account:
$ ftp
ftp> open
(to) garnet
Connected to garnet.berkeley.edu.
220 garnet.berkeley.edu FTP server ready.
Name (garnet.berkeley.edu:root): robert
password required
Password:
user robert logged in
ftp>
Once you're logged in, you can execute Linux commands on either the remote system or your local system. You execute a command on your local system in ftp by preceding the command with an exclamation point. Any Linux commands without an exclamation point are executed on the remote system. One exception exists to this rule: whereas you can change directories on the remote system with the cd command, to change directories on your local system, you need to use a special ftp command called lcd (local cd).
In the next example, the first command lists files in the remote system, while the second command lists files in the local system:
ftp> ls
ftp> !ls
The ftp program provides a basic set of commands for managing files and directories on your remote site, provided you have the permission to do so (see Table 16-5). You can use mkdir to create a remote directory and rmdir to remove one. Use the delete command to erase a remote file. With the rename command, you can change the names of files. You close your connection to a system with the close command. You can then open another connection if you want. To end the ftp session, use the quit or bye command:
ftp> close
ftp> bye
Good-bye
$
To transfer files to and from the remote system, use the get and put commands. The get command receives files from the remote system to your local system, and the put command sends files from your local system to the remote system. In a sense, your local system gets files from the remote and puts files to the remote. In the next example, the file weather is sent from the local system to the remote system using the put command:
ftp> put weather
PORT command successful.
ASCII data connection
ASCII Transfer complete.
Command                    Description
ftp                        Invokes the ftp program
open site-address          Opens connection to another system
close                      Closes connection to a system
quit or bye                Ends ftp session
ls                         Lists the contents of a directory
dir                        Lists the contents of a directory in long form
get filename               Sends file from remote system to local system
put filename               Sends file from local system to remote system
mget regular-expression    Enables you to download several files at once from a remote system. You can use special characters to specify the files; you are prompted to transfer each file in turn
mput regular-expression    Enables you to send several files at once to a remote system. You can use special characters to specify the files; you are prompted for each file to be transferred
runique                    Toggles storing of files with unique filenames. If a file already exists with the same filename on the local system, a new filename is generated
reget filename             Resumes transfer of an interrupted file from where you left off
binary                     Transfers files in binary mode
ascii                      Transfers files in ASCII mode
cd directory               Changes directories on the remote system
lcd directory              Changes directories on the local system
help or ?                  Lists ftp commands
mkdir directory            Creates a directory on the remote system
rmdir                      Deletes a remote directory
delete filename            Deletes a file on the remote system
mdelete file-list          Deletes several remote files at once
rename                     Renames a file on a remote system
hash                       Displays progressive hash signs during download
status                     Displays current status of ftp
TABLE 16-5 The ftp Client Commands
If a download is interrupted, you can resume the download with reget. This is helpful when working with extremely large files; the download resumes from where it left off, so the whole file needn't be downloaded again. Be sure to download binary files in binary mode. For most FTP sites, the binary mode is the default, but some sites might have ASCII (text) as the default. The command ascii sets the character mode, and the command binary sets the binary mode. Most software packages available at Internet sites are archived and compressed files, which are binary files. In the next example, the transfer mode is set to binary, and the archived software package mydata.tar.gz is sent from the remote system to your local system using the get command:
ftp> binary
ftp> get mydata.tar.gz
PORT command successful.
Binary data connection
Binary Transfer complete.
ftp>
You may often want to send several files, specifying their names with wildcard characters. The put and get commands, however, operate only on a single file and do not work with special characters. To transfer several files at a time, you have to use two other commands, mput and mget. When you use mput or mget, you are prompted for a file list. You can then either enter the list of files or a file-list specification using special characters. For example, *.c specifies all the files with a c extension, and * specifies all files in the current directory. In the case of mget, files are sent one by one from the remote system to your local system. Each time, you are prompted with the name of the file being sent. You can type y to send the file or n to cancel the transmission. You are then prompted for the next file. The mput command works in the same way, but it sends files from your local system to the remote system. In the next example, all files with a c extension are sent to your local system using mget:
ftp> mget
(remote-files) *.c
mget calc.c? y
Answering the prompt for each file can be a tedious prospect if you plan to download a large number of files, such as those for a system update. In this case, you can turn off the prompt with the prompt command, which toggles the interactive mode on and off. The mget operation then downloads all files it matches, one after the other.
to the appropriate directory first or set the transfer mode to binary.
Automatic Login and Macros: netrc
The ftp client has an automatic login ability and support for macros. Both are entered in a user's ftp configuration file called .netrc. Each time you connect to a site, the .netrc file is checked for connection information, such as a login name and password. In this way, you needn't enter a login name and password each time you connect to a site. This feature is particularly useful for anonymous logins. Instead of having to enter the username anonymous and your e-mail address as your password, this information can be automatically read from the .netrc file. You can even make anonymous login information your default so that, unless otherwise specified, an anonymous login is attempted for any FTP site to which you try to connect. If you must log in to an FTP site, you can specify it in the .netrc file and, when you connect, either automatically log in with your username and password for that site or be prompted for them.
Entries in the .netrc file have the following syntax. An entry for a site begins with the term machine, followed by the network or Internet address, and then the login and password information:
machine system-address login remote-login-name password password
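Because a .netrc entry stores the password in plain text, the file itself is the thing to protect: ftp will not use a password from a .netrc that other users can read. The script below is an added example, not from the book, that writes entries in the syntax just shown, creates the file closed to group and others, checks that mode, and resolves which login name ftp would pick for a host (including the anonymous default entry described above). NETRC_FILE is a variable of this script, not an ftp option; I introduce it so the functions can be pointed at a temporary file.

```shell
#!/bin/sh
# Added example: manage a .netrc file for ftp's automatic login.
# NETRC_FILE (this script's own variable) overrides the default ~/.netrc.

netrc_path() { printf '%s\n' "${NETRC_FILE:-$HOME/.netrc}"; }

# netrc_add_entry HOST LOGIN PASSWORD
# Appends a line in the "machine ... login ... password ..." syntax shown above.
netrc_add_entry() {
    file=$(netrc_path)
    # The file holds a plaintext password: make sure it is unreadable by group
    # and others before anything is written to it.
    ( umask 077
      touch "$file" && chmod 600 "$file" &&
      printf 'machine %s login %s password %s\n' "$1" "$2" "$3" >> "$file" )
}

# netrc_add_anonymous_default EMAIL
# A "default" entry (which must be the last entry) makes ftp try an anonymous
# login on any host without its own machine line; the e-mail address is the
# password, as the text describes.
netrc_add_anonymous_default() {
    file=$(netrc_path)
    ( umask 077
      printf 'default login anonymous password %s\n' "$1" >> "$file" )
}

# netrc_check: 0 when the file exists and is closed to group and others,
# 1 if it is missing, 2 if it is readable by others. Run this first when
# automatic login unexpectedly stops working after editing the file.
netrc_check() {
    file=$(netrc_path)
    [ -f "$file" ] || return 1
    # -perm -040: group-readable; -perm -004: world-readable (GNU and BSD find)
    if [ -n "$(find "$file" \( -perm -040 -o -perm -004 \) -print)" ]; then
        return 2
    fi
    return 0
}

# netrc_lookup HOST: print the login name ftp would use for HOST, falling
# back to the default entry when no machine line matches.
netrc_lookup() {
    awk -v h="$1" '
        $1 == "machine" && $2 == h {
            for (i = 3; i <= NF; i++)
                if ($i == "login") { print $(i+1); found = 1; exit }
        }
        $1 == "default" {
            for (i = 2; i <= NF; i++) if ($i == "login") def = $(i+1)
        }
        END { if (!found && def != "") print def }' "$(netrc_path)"
}
```

Usage: source the file, call netrc_add_entry with the site, login and password, and optionally netrc_add_anonymous_default with your e-mail address; netrc_check then confirms the mode ftp requires, and netrc_lookup shows which entry a given host would resolve to.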
lftp
The lftp program is an enhanced FTP client with advanced features such as the ability to download mirror sites and run several FTP operations in the background at the same time (Ubuntu main repository). Lftp uses a command set similar to that for the ftp client: you use the get and mget commands to download files, with the -o option to specify local locations for them. Use lcd and cd to change local and remote directories.
To manage background commands, you use many of the same commands used for the shell. The & placed at the end of a command puts it into the background, and pressing ctrl-z puts an already-running job in the background. Commands can be grouped with parentheses and placed together into the background. Use the jobs command to list your background jobs and the wait or fg command to move jobs from the background to the foreground. When you exit lftp, the program will continue to run any background jobs. In effect, lftp becomes a background job itself.
When you connect to a site, you can queue commands with the queue command, setting up a list of FTP operations to perform. This feature allows you to queue several download operations to a site. The queue can be reordered and entries deleted if you wish. You can also connect to several sites and set up a queue for each one. The mirror command lets you maintain a local version of a mirror site. You can download an entire site or just update newer files, as well as remove files no longer present on the mirror.
You can tailor lftp with options set in the .lftprc file. System-wide settings are placed in the /etc/lftp.conf file. Here, you can set features such as the prompt to use and your anonymous password. The .lftp directory holds support files for command history, logs, bookmarks, and startup commands. The lftp program also supports the .netrc file, checking it for login information.
Network Talk and Messenger Clients: VoIP, IRC, and IM
You may, at times, want to communicate directly with other users on your network. You can do so with VoIP, Talk, ICQ, IM, and IRC utilities, provided the other user is also logged in to a connected system at the same time (see Table 16-6). With VoIP applications, you can speak over Internet connections as if you're on a telephone. With an Internet Relay Chat (IRC) utility, you can connect to a remote server where other users are also connected and talk with them. IM clients operate much the same way, allowing users on the same IM system to communicate anywhere across the Internet. Ubuntu uses Pidgin as its standard interface for IM.
Ekiga
Ekiga (Figure 16-4) is GNOME's VoIP application providing Internet IP telephone and video conferencing support. It is installed by default on the Ubuntu desktop and is accessible by choosing Applications | Internet | Ekiga Softphone.
To use Ekiga, you will need a Session Initiation Protocol (SIP) address. You can obtain a free address from http://ekiga.net, but you will first have to subscribe to the service. When you start Ekiga, you will be prompted to configure your connection. Here you provide your name, set up your user ID and password, detect your network connection, and specify a sound driver and video device.
Use the call pad to make a call. The sound and video panels let you adjust sound levels and video image appearance. Use the address book to connect to another Ekiga user. A white pages directory lets you search for people who are also using Ekiga.
Ekiga was formerly called GnomeMeeting, and its Web site is still at www.gnomemeeting.org. Ekiga supports both the H.323 and SIP protocols. It is compatible with Microsoft's NetMeeting. H.323 is a comprehensive protocol that includes the digital broadcasting protocols such as digital video broadcast (DVB) and H.261 for video streaming, as well as the supporting protocols such as the H.450 series for managing calls.
Client          Description
Ekiga           VoIP application
Pidgin          Messenger interface for all IM protocols including MSN, AIM, Yahoo!, MySpaceIM, ICQ, XMPP, and IRC
X-Chat          IRC client
Konversation    KDE IRC client
Gabber          Jabber client (XMPP)
Gaim            GNOME AIM client
psi             Jabber client using QT (KDE)
naim            Command line cursor-based IRC, ICQ, and AIM client
TABLE 16-6 Talk and Messenger Clients
NOTE IRC operates like a chat room. You can enter channels and talk to other users already online. You must first select an IRC server to which you want to connect. Various servers are available for different locales and topics. Several IRC clients are available for use on Ubuntu, including sirc, ksirc, Konversation, and irssi. Most IM applications, such as Pidgin, can also support IRC.
Instant Messenger: Pidgin
IM clients operate much the same way as ICQ (www.icq.com), allowing users on the same IM system to communicate anywhere across the Internet. Currently some of the major IM systems are AIM (AOL), Microsoft Network (MSN), Yahoo!, ICQ, and Jabber. Unlike the others, Jabber is an open source IM service (www.jabber.org). It uses an XML protocol it developed called Extensible Messaging and Presence Protocol (XMPP) (www.xmpp.org).
a buddy icon. Specify the server and network connection settings on the Advanced tab; the AIM server will already be entered.
FIGURE 16-4 Ekiga
To configure your setup, choose Tools | Preferences. The Conversations tab lets you set the font, images, and smiley icons for your messages. The Network tab lets you configure your network connection, and the Logging tab lets you turn message logging on or off. The Sounds tab allows you to choose sounds for different events. You can find out more about Pidgin at http://pidgin.im. Pidgin is a GNOME front end that uses the libpurple library for actual IM tasks (formerly libgaim). The libpurple library is used by many different IM applications such as Finch.
PART
Authorization, Encryption, and Permissions
CHAPTER 18 AppArmor and Security-Enhanced Linux
CHAPTER 19 Secure Shell and Kerberos
CHAPTER 20 Firewalls
Copyright © 2009 by The McGraw-Hill Companies
Authorization, Encryption, and Permissions
Authorization, encryption, and permissions are all methods for controlling access. Authorizations can control access to administrative tools, making sure only valid and trusted users make changes to your system setup. Encryption can protect messages and files you may send, and digital signatures can confirm the source of a message or file. Users can also place their own access controls on their files using permissions and access control lists (ACLs). You can even encrypt entire file systems, making them accessible only with a valid key.
Certain security packages control access to resources such as devices, messages, directories, and file systems. PolicyKit provides controls for accessing devices and administrative tools by users. It is designed to permit limited administrative access to particular users, instead of allowing full root user access.
You can use encryption, integrity checks, and digital signatures to protect data transmitted over a network. For example, the GNU Privacy Guard (GnuPG) encryption as supported by Seahorse encryption management lets you encrypt your e-mail messages or files you want to send, and it lets you sign them with an encrypted digital signature authenticating that the message was sent by you. The digital signature also includes encrypted modification digest information that provides an integrity check, allowing the recipient to verify that the message received is the original and not one that has been changed or substituted.
Permissions can be set on files and directories to allow access to the owner, members of a group, or to all other users. This is the traditional method of controlling access to files. You can also use ACLs to add further restrictions. ACLs provide more refined access, but they are more difficult to manage. You can also encrypt entire file systems, using the same public key encryption method used for messages and archives.
Controlled Access with PolicyKit: Authorizations
Designed by the Freedesktop.org project, PolicyKit allows ordinary users and applications access to administrative-controlled applications and devices. Currently it works primarily with Hardware Abstraction Layer (HAL)–enabled devices and some GNOME desktop tasks. Though its functions could be accomplished with other operations such as group permissions, PolicyKit aims to provide a simple and centralized interface for granting users access to administration-controlled devices and tools. PolicyKit is used to grant access to most of the devices on your system, including removable devices. It is also used to control access to several
administrative tools such as users-admin and services-admin (GNOME administration tools). It is not used for access to other administrative tools such as Synaptic Package Manager or the login window. For these uses, you would use sudo and gksu. PolicyKit also controls access to the GNOME desktop clock applet.
For administrative tools, read-only access is granted to everyone, but the application is locked to prevent any changes. To gain full access, you click a Lock button in the lower-right corner of the application. You are then prompted to enter your administrative password, as you would for sudo or gksu. The application will unlock, allowing full access and displaying an Unlock button.
PolicyKit can also allow more refined access. Instead of an all-or-nothing approach, in which a user had to gain full root level control over the entire system just to access a specific administration tool, PolicyKit can allow access to a specific administrative application (currently only the GNOME clock is supported). All other access can be denied. Without PolicyKit, this kind of access could be configured in a limited way for some devices, such as when mounting and unmounting CD/DVD discs, but not for applications. A similar kind of refined control is provided on Ubuntu with sudo and gksu, allowing access to specific administrative applications; administrative password access is still required, and root level access, though limited to that application, is still granted. You can find out more about PolicyKit at http://hal.freedesktop.org/docs/PolicyKit/.
Using PolicyKit, administrator-controlled devices and applications are set up to communicate with ordinary users, allowing them to request certain actions. If the user is allowed to perform the action, the request is authorized and the action is performed. In the case of devices, which are now controlled and managed by HAL, the request can be sent to HAL, which then can authorize the action. Technically, all devices and administrative tools are considered mechanisms to which requests are sent by user PolicyKit agents. Administration mechanisms use a shared library called policykit to decide whether to grant access. User and application requests are validated by a libpolkit-grant shared library. The policykit library will check the validations provided by libpolkit-grant and allow access accordingly.
Authentication can be required for the user (user password) or for an administrator (root user password). On Ubuntu, no root user access is defined, unless you first set up a root user password. You would be given user level access requiring only your user password, as is the case for sudo. Access can further be controlled by time limits: indefinite, for the rest of the current session, or as long as the process is active.
PolicyKit Agent
To gain access, a user makes use of an authentication agent. The PolicyKit GNOME agent is installed with PolicyKit and can be run by any administration-enabled user by choosing System | Administration | Authorization. Both the policykit and gnome-policykit packages are part of the Ubuntu main repository and installed by default. This runs the polkit-gnome-authorization tool with which you can set PolicyKit access.
The freedesktop entry holds freedesktop-supported tools including hal and policykit, as well as systemtoolsbackends for administrative tool support.
The hal entry lets you control access to devices, with subsections for storage devices, device access to other devices, and power management, among others (see Figure 17-2). The storage section lets you control mounting for internal and removable drives, as well as encryption configuration.
PolicyKit Implicit and Explicit Authorizations
A selected entry will display its PolicyKit configuration on the right panel. This is divided into three segments: Action, Implicit Authorizations, and Explicit Authorizations (see Figure 17-3).
Implicit Authorizations are applied to the device or tool for all users. These are set for Anyone, Console, and Active Console. For single-user systems such as most laptops, the logged in user will be the active console. Console and Anyone would cover remote users. A Yes entry allows complete automatic access, and a No entry denies all access. You can click the Edit button to change the settings (see Figure 17-4). You can choose to restrict access to administrative users or users that provide their password, as well as limiting authorization to the duration of the session.
To grant access to specific users, click the Grant button on the Explicit Authorizations area This opens a Grant Authorization dialog where you can select a user and specify the level of access (Figure 17-5)
In the device access section under hal you can permit access by remote users to certain
devices such as video, sound, and DVB devices In this case, the implicit authorizations could be modified to allow access by anyone Or you could allow access to specific users
In the freedesktop entry (see Figure 17-1), you can use entries under policykit to
configure PolicyKit authorization Here you can specify who can revoke, read, modify, or grant PolicyKit authorizations
FIGURE 17-1 PolicyKit sidebar, collapsed
FIGURE 17-2 Storage devices in hal
For administrative tools such as user, services, and networking, you use the freedesktop | systemtoolsbackends | manage system configuration entry. Implicit authorizations are set for the active console only, with administrative authentication (see Figure 17-6). There are no explicit authorizations. You can use the Grant and Block buttons in the Explicit Authorizations area to grant or block access for particular users.
FIGURE 17-3 PolicyKit Authorizations window
FIGURE 17-4 Editing implicit authorizations
FIGURE 17-5 Grant Authorization dialog
PolicyKit Configuration Files and Tools
Devices and administrative applications that want to make use of PolicyKit must be modified to access it. Currently, HAL, which controls access to most devices, provides PolicyKit control for devices. On GNOME, the clock applet is configured for PolicyKit control. PolicyKit for devices and applications is configured using XML files with the extension .policy in the /usr/share/PolicyKit/policy directory. Here you will find policy files for the gnome-clock-applet as well as several for HAL and one for PolicyKit.
The /etc/PolicyKit/PolicyKit.conf file is used to permit overriding any PolicyKit authorizations for users. Currently the configuration file is set up always to allow access to the root user and to any users with administrative access (admin group). It can be configured for specific users.
Though you would use polkit-gnome-authorization to configure PolicyKit, several command line tools are also available. These include polkit-auth to manage authorization, polkit-action to list and modify allowed actions, polkit-policy-file-validate to validate a PolicyKit policy file, and polkit-config-file-validate to validate the PolicyKit configuration file. Should you make changes directly to the PolicyKit.conf file, you should run polkit-config-file-validate to make sure the file is valid. If you add or modify any of the policy files, you can run polkit-policy-file-validate on them to verify that they are correctly configured.
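As an added example, not part of the book or of PolicyKit itself, the following Python script reads the defaults section of .policy files like those in /usr/share/PolicyKit/policy and reports which actions the Anyone column (allow_any) grants with no authentication at all. The element names and authorization keywords are assumed from the PolicyKit 0.9 policy format, and the policy XML is constructed for the example.

```python
"""Audit PolicyKit .policy files for overly permissive implicit authorizations.

Each <action> carries a <defaults> block whose allow_any, allow_inactive and
allow_active elements correspond to the Anyone, Console and Active Console
columns shown by polkit-gnome-authorization. Keyword vocabulary assumed from
the PolicyKit 0.9 format: "no", "yes", "auth_self", "auth_admin" and the
auth_*_keep_session / auth_*_keep_always variants for time-limited grants.
"""
import xml.etree.ElementTree as ET

SECTIONS = ("allow_any", "allow_inactive", "allow_active")

# Constructed sample policy file (not shipped by any real package).
SAMPLE_POLICY = """<?xml version="1.0" encoding="UTF-8"?>
<policyconfig>
  <action id="org.example.storage.mount-removable">
    <description>Mount a removable drive</description>
    <defaults>
      <allow_any>no</allow_any>
      <allow_inactive>no</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>
  <action id="org.example.tools.manage-system-config">
    <description>Change system configuration</description>
    <defaults>
      <allow_any>no</allow_any>
      <allow_inactive>no</allow_inactive>
      <allow_active>auth_admin_keep_session</allow_active>
    </defaults>
  </action>
  <action id="org.example.video.open-device">
    <description>Open the video device</description>
    <defaults>
      <allow_any>yes</allow_any>
      <allow_inactive>yes</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>
</policyconfig>
"""


def parse_policy(xml_text):
    """Return {action_id: {section: keyword}} for every <action> in the file."""
    root = ET.fromstring(xml_text)
    actions = {}
    for action in root.iter("action"):
        defaults = action.find("defaults")
        # A section that is absent falls back to the most restrictive value.
        actions[action.get("id")] = {
            sec: (defaults.findtext(sec, "no").strip() if defaults is not None else "no")
            for sec in SECTIONS
        }
    return actions


def find_open_actions(actions):
    """Action ids granted to anyone, including inactive and remote sessions,
    without authentication: the first thing to review in a policy file."""
    return sorted(aid for aid, d in actions.items() if d["allow_any"] == "yes")


def find_unauthenticated_active(actions):
    """Action ids the active console user gets without entering a password."""
    return sorted(aid for aid, d in actions.items() if d["allow_active"] == "yes")


if __name__ == "__main__":
    parsed = parse_policy(SAMPLE_POLICY)
    for aid, d in parsed.items():
        print(aid, " ".join(f"{s}={d[s]}" for s in SECTIONS))
    print("open to anyone:", find_open_actions(parsed))
    print("no password for active console:", find_unauthenticated_active(parsed))
```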
Public Key Encryption, Digital Signatures, and Integrity Checks
Encrypting data is the only sure way to secure data transmitted over a network. Encrypt data with a key, and the receiver or receivers can later decrypt it. To protect data transmitted over a network, you should not only encrypt it, but also check that it has not been modified, confirming that it was actually created by the claimed author. An encrypted message could still be intercepted and modified and then reencrypted. Integrity checks such as modification digests ensure that the data was not altered. Though encryption and integrity checks protect the data, they do not authenticate it. You also need to know that the user who claims to send a message is actually the person who sent it, rather than an imposter. To authenticate a message, the author can sign it using a digital signature. This signature can also be encrypted, allowing the receiver to validate it. Digital signatures ensure that the message you receive is authentic.
Encryption was originally implemented with Pretty Good Privacy (PGP). Originally a privately controlled methodology, it was handed over to the Internet Engineering Task Force (IETF) to support an open standard for PGP called OpenPGP (see Table 17-1). Any project can use OpenPGP to create encryption applications, such as GnuPG. Commercial products for PGP are still developed by the PGP Corporation, which also uses the OpenPGP standard.
TABLE 17-1 PGP Sites
http://gnupg.org      GnuPG, Gnu Privacy Guard
http://openpgp.org    IETF open standard for PGP
www.pgp.com           PGP Corporation, PGP commercial products
Public Key Encryption
Encryption uses a key to encrypt data in such a way that a corresponding key can decrypt it. In the past, older forms of encryption used the same key both to encrypt and decrypt a message. This, however, involved providing the receiver with the key, opening up the possibility that anyone who obtained the key could decrypt the data. Public key encryption uses two keys to encrypt and decrypt a message: a private key and a public key. The private key is always kept and used to decrypt messages you have received. The public key is made available to people to whom you send messages. They then use your public key to encrypt any message that they want to send to you. The private key decrypts messages, and the public key encrypts them. Each user has a set of private and public keys, securely kept in keyrings.
Reciprocally, if you want to send messages to another user, you first obtain that user's public key and use it to encrypt the message you want to send to the user. The user then decrypts the messages with his or her own private key. In other words, your public key is used by others to encrypt the messages you receive, and you use other users' public keys to encrypt messages you send to them. All the users on your Linux system can have their own public and private keys. They will use the gpg program to generate them and keep their private key in their own keyrings.
Digital Signatures
A digital signature is used both to authenticate a message and to provide an integrity check. Authentication guarantees that the message is the original message sent by you, and the integrity check verifies that it has not been changed. Though usually combined with encrypted messages to provide a greater level of security, digital signatures can also be used for messages that are sent in the clear. For example, you would want to know whether a public notice of upgrades to an Ubuntu release was actually sent by Ubuntu and not by someone trying to spread confusion. Such a message still needs to be authenticated and checked to see whether it was actually sent by the sender or, if sent by the original sender, was not somehow changed en route. Verification like this protects against modification or substitution of the message by someone pretending to be the sender.
by the more secure SHA2 algorithms
The MD5 value is encrypted with your private key. When the user receives your message, your digital signature is decrypted using your public key. Then an MD5 value of the message received is generated and compared with the MD5 value you sent. If the values are the same, the message is authenticated as the original message sent by you, not a false one sent by a user pretending to be you. The user can use GnuPG to decrypt and check digital signatures.
Combining Encryption and Signatures
Normally, digital signatures are combined with encryption to provide a more secure level of transmission. The message is encrypted with the recipient's public key, and the digital signature is encrypted with your private key. The user decrypts both the message (with his private key) and then the signature (with your public key). The user then compares the signature with one that he generates from the message to authenticate it. When GnuPG decodes a message, it will also decode and check a digital signature automatically. Figure 17-7 shows the process for encrypting and digitally signing a message.
Managing Keys with Seahorse
For GPG and SSH encryption, signing, and decryption of files and text, GNOME provides Seahorse. Seahorse lets you manage your encryption keys stored in keyrings as well as SSH keys and passphrases. You can import keys, sign keys, search for remote keys, create your own keyrings, and specify a keyserver to search and publish to. All these operations can also be performed using the gpg command.
FIGURE 17-7 Public key encryption and digital signatures
Passwords and Encryption Keys: Seahorse
To import, sign, and locate keys, you use the Seahorse encryption key manager. On the GNOME desktop, Seahorse is referred to as "Passwords and Encryption Keys." Choose Applications | Accessories | Passwords And Encryption Keys. This entry will run the seahorse command, which displays the "Passwords And Encryption Keys" window. This window shows four tabs: My Personal Keys, Trusted Keys, Other Collected Keys, and Passwords. When you first start up the utility, it will display three buttons on the lower part of the panel: Help, Import, and New (see Figure 17-8).
Creating a New Private Key
Click the New button (or choose Key | Create New Key) to create your own private/public keys (Figure 17-9). Keep in mind that before you can perform any encryption, you must first set up your own GPG (GPG is the GNU version of PGP) key pair, private and public. You choose whether to set up a PGP or SSH key. Choose the PGP Key entry to set up a GPG key, and then click Continue.
FIGURE 17-9 Choose encryption key type
FIGURE 17-8 Seahorse Passwords and Encryption Keys window
In the New PGP Key dialog (Figure 17-10), enter your name and e-mail address. Click the Advanced Key Options drop-down arrow to set Encryption Type, Key Strength, and Expiration Date. Then click the Create button.
You are then asked to enter a passphrase (Password) for the encryption key (Figure 17-11). This passphrase will allow you to decrypt any data encrypted by your key.
The key is then generated. This can take some time. During the generation process, a busy notification will let you know the generation is still in progress (Figure 17-12).
Once the key is created, it will appear in the My Personal Keys tab of the Passwords And Encryption Keys window (Figure 17-13).
Importing Public Keys
In the Passwords And Encryption Keys window, click the Import button (or choose Key | Import) to import any public keys you may have downloaded. If you know the name of the key file, you can try searching the key servers for it. Choose Remote | Find Remote Keys to open the Find Remote Keys dialog, where you can enter a search string for the key (Figure 17-14). The search term is treated as a prefix, matching on all possible completions.
An expandable tree lists your key servers; choose which ones to search. Results are listed in a new window. Select the one you want, and then either click Import to import the key directly or click Save Key As to save the key as an ASC key file that you can later import. To see information about a key, select it and click the Properties button. Information about the owner and the key is displayed.
FIGURE 17-10 New PGP Key dialog
FIGURE 17-11 Passphrase for encryption key
Once you have imported the key, it will appear in the Other Collected Keys tab of the Passwords And Encryption Keys window (Figure 17-15). If you know that you can trust the key, you can sign it, making it a trusted key. Right-click its entry and choose Sign to open a signing dialog, or click the Sign button. You are asked to specify how carefully you have checked this key (Not At All, Casually, and Very Carefully). The key will be moved from the Other Collected Keys tab to the Trusted Keys tab.
When you created your own private key, you also generated a corresponding public key that others can use to decrypt data encrypted with that key. To make your public key available to others, you can export it to a file to send directly to other users, automatically share it with other users on your system, or publish it on a keyserver.
To export your public key to a file, select your key in the My Personal Keys tab and click the Export Public Key button. You can do this for your public keys also. To make keys automatically available to other users, or to publish them on a keyserver, you use the Password And Encryption Settings window, which configures Seahorse preferences: choose System | Preferences | Encryption And Keyrings.
FIGURE 17-12 Generating encryption key
FIGURE 17-13 My Personal Keys
Seahorse integrates support for GPG. Should you import a key with the gpg command, it will appear in the Other Collected Keys tab. You can also sign a key using the gpg command with the --sign-key option, and the key will appear in the Trusted Keys tab.
Seahorse Settings
To manage and configure key support, you use the Password And Encryption Settings window, which sets Seahorse preferences. Access it from System | Preferences | Encryption And Keyrings, which runs the seahorse-preferences command. The Password And Encryption Settings window opens with five tabs: Password Keyrings, Encryption, PGP Passphrases, Key Servers, and Key Sharing (Figure 17-16).
On the Password Keyrings tab, you can add keyrings and manage their passwords. To create a new keyring, click the Add Keyring button to open a dialog where you can enter the keyring name and password. On the Encryption tab, you can select a default key to use. On the PGP Passphrases tab, you can configure passphrase remembering. By default, passphrases are never remembered. You can choose always to remember passphrases or to remember them for a particular period of time.
FIGURE 17-14 Searching for keys
The Key Servers tab lists keyservers to use. Click the Add button to add a key server, entering its host name (URI). You can choose to publish your public keys on the keyservers (off by default). You can also choose to retrieve keys automatically from the key servers and to synchronize modified keys.
The Key Sharing tab gives you the option to share public keys automatically with other users on your network. Users will have access to all your public keys, which they can use to encrypt messages or files they send to you. You do not have to send them your public keys manually.
Making Your Public Keys Available with Seahorse
To allow other users to decrypt your messages, you must make your public key available to them. They, in turn, have to send you their public keys so that you can decrypt any messages you receive from them. In effect, enabling encrypted communications among users involves all of them exchanging their public keys. The public keys then must be verified and signed by each user who receives them. The public keys can then be trusted to decrypt messages safely.
If you are sending messages to just a few users, you can manually e-mail them your public key. For general public use, you can post your public key on a keyserver, from which anyone can then download and use the key to decrypt any message they receive from you. A keyserver can be accessed using e-mail, Lightweight Directory Access Protocol (LDAP), or the HTTP Horowitz Keyserver Protocol (HKP). (For more information, see the OpenPGP Public Keyserver project at http://pks.sourceforge.net.) In Ubuntu, hkp://pgp.mit.edu:11371 and ldap://keyserver.pgp.com will already be selected by Seahorse. On the Password And Encryption Settings window's Key Servers tab, you can choose a keyserver to publish to (Figure 17-17). (To have systems on your local network receive your public keys automatically, click the Share My Keys With Others On My Network check box on the Key Sharing tab.)
FIGURE 17-16 Password and Encryption Settings
GNU Privacy Guard: gpg
To protect messages and text files, Ubuntu, like most Linux distributions, provides GnuPG encryption and authentication (http://gnupg.org). GnuPG is the GNU open source software that works much like Pretty Good Privacy (PGP) encryption. It is the OpenPGP encryption and signing tool. With GnuPG, you can both encrypt and digitally sign your messages and files, protecting the message or file and authenticating that it is from you.
To protect messages that you send by e-mail, Evolution and KMail both support GnuPG encryption and authentication, along with Thunderbird with added GPG plug-ins. On Evolution, you can select PGP encryption and signatures from the Security menu to use GnuPG (the PGP options use GnuPG). On KMail, you can select the encryption to use on the Security tab in the Options window. For Thunderbird, you can use the enigmail extension to support OpenPGP and PGP encryption (http://enigmail.mozdev.org).
-s, --sign                        Signs a document, creating a signature; may be combined with --encrypt.
--clearsign                       Creates a clear-text signature.
-b, --detach-sign                 Creates a detached signature.
-e, --encrypt                     Encrypts data; may be combined with --sign.
--decrypt [file]                  Decrypts file (or stdin if no file is specified) and writes it to stdout (or the file specified with --output). If the decrypted file is signed, the signature is verified.
--verify [[sigfile] [signed-files]]   Verifies a signed file. The signature can be contained with the file or in a separate detached signature file.
-k, --list-keys [names], --list-public-keys [names]   Lists all keys from the public keyrings, or those specified.
-K, --list-secret-keys [names]    Lists your private (secret) keys.
--list-sigs [names]               Lists your keys along with any signatures they have.
--check-sigs [names]              Lists keys and their signatures and verifies the signatures.
--fingerprint [names]             Lists fingerprints for specified keys.
--gen-key                         Generates a new set of private and public keys.
--edit-key name                   Edits your keys. Commands perform most key operations, such as sign to sign a key or passwd to change your passphrase.
--sign-key name                   Signs a public key with your private key. Same as sign in --edit-key.
--delete-key name                 Removes a public key from the public keyring.
--delete-secret-key name          Removes private and public keys from both the secret and public keyrings.
--gen-revoke                      Generates a revocation certificate for your own key.
--export [names]                  Exports a specified key from your keyring. With no arguments, exports all keys.
--send-keys [names]               Exports and sends specified keys to a keyserver. The option --keyserver must be used to provide the name of this keyserver.
--import [files]                  Imports keys contained in files into your public keyring.
TABLE 17-2 GPG Commands and Options
For managing your encryption keys, you can use the GNOME Seahorse Encryption and Keyrings window (Applications | Accessories | Passwords and Encryption Keys) instead of gpg commands directly (as discussed in the preceding section). Encryption for text files and the Gedit text editor is provided by the Seahorse plug-in. Other applications, such as Evolution, support encryption directly.
NOTE If you want to verify the validity of a digital signature, you can use gpgv instead of gpg. This is a stripped-down version of gpg used for signature verification.
The first time you use gpg, a .gnupg directory is created in your home directory with a file named options. The .gnupg/gpg.conf file contains commented default options for GPG operations. You can edit this file and uncomment or change any default options you want implemented for GPG. You can use a different options file by specifying it with the --options parameter when invoking gpg. Helpful options include keyserver entries. The .gnupg directory will also hold encryption files such as secring.gpg for your secret keys (secret keyring), pubring.gpg for your public keys (public keyring), and trustdb.gpg, which is a database for trusted keys.
Generating Your Public Key with gpg
Before you can use GnuPG, you will have to generate your private and public keys. You can do this with the Passwords and Encryption Keys utility described earlier, or use the gpg command entered in a terminal window. On the command line (terminal window), enter the gpg command with the --gen-key command:
gpg --gen-key
The gpg program will then prompt with different options for creating your private and public keys. You can check the gpg man page for information on using the gpg program.
-a, --armor                       Creates ASCII-armored output, an ASCII version of encrypted data.
-o, --output file                 Writes output to a specified file.
--default-key name                Specifies the default private key to use for signatures.
--keyserver site                  Looks up public keys not on your keyring. Can also specify the site to which to send your public key. host -l pgp.net | grep www.keys will list the keyservers.
-r, --recipient names             Encrypts data for the specified user, using that user's public key.
--default-recipient names         Specifies the default recipient to use for encrypting data.
TABLE 17-2 GPG Commands and Options (Continued)
You are first asked to select the kind of key you want. Normally, you keep the default entry by pressing the enter key. Then you choose the key size, usually the default of 1024. You then specify how long the key is to be valid; usually, there is no expiration.
You are then asked to enter a user ID, a comment, and an e-mail address. Press enter to see prompts for each in turn. These elements, any of which can be used as the key's name, identify the key. You use the key name when performing certain GPG tasks such as signing a key or creating a revocation certificate. For example, the following elements create a key for the user richlp with the comment author and the e-mail address richlp@turtle.mytrek.com:
Richard Petersen (author) <richlp@turtle.mytrek.com>
You can use any unique part of a key's identity to reference that key. For example, the string Richard would reference the preceding key, provided there are no other keys that have the string Richard in them. The string richlp would also reference the key, as would author. Where a string matches more than one key, all those matched would be referenced.
After you have entered your user ID, comment, and e-mail address, the elements are displayed along with a menu that will allow you to change any element:
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?
Enter o to approve and accept the key.
The gpg program will then ask you to enter a passphrase, used to protect your private key. Be sure to use a real phrase, including spaces, not just a password. gpg then generates your public and private keys and places them in the .gnupg directory. This may take a few minutes.
The private keys are kept in a file called secring.gpg in your .gnupg directory. The public key is placed in the pubring.gpg file, to which you can add the public keys of other users. You can list these keys with the --list-keys, --list-public-keys, or -k command:
the key richlp and places it in the file myrevoke.asc:
gpg --output myrevoke.asc --gen-revoke richlp
Importing Public Keys
To decode messages from other users, you will need to have their public keys. Either they can send them to you or you can download them from a keyserver. Save the message or Web page containing the public key to a file. You will then need to import the key, and you should also verify and sign the key. Use the file you received to import the public key to your pubring file. As noted previously, you can also use the Seahorse Passwords and Encryption Keys utility (Applications | Accessories | Passwords And Encryption Keys) to import and sign keys. In the following example, the user imports george's public key, which he has received as the file georgekey.asc:
gpg --import georgekey.asc
You can also use the gpg --search-keys and --keyserver options to import a key. Keys matching the search term will be displayed in a numbered list. You will be prompted to enter the number of the key you want. The 2007 Sendmail key from the results in the following example would be 7. This is the key used for software released in 2007.
$ gpg --keyserver pgp.mit.edu --search-keys Sendmail
gpg: searching for "Sendmail" from hkp server pgp.mit.edu
(1) Sendmail Signing Key/2008 <sendmail@Sendmail.ORG>
      1024 bit RSA key F6B30729, created: 2008-01-18
(7) Sendmail Signing Key/2007 <sendmail@Sendmail.ORG>
      1024 bit RSA key 7093B841, created: 2006-12-16
Enter number(s), N)ext, or Q)uit > 7
gpg: requesting key 7093B841 from hkp server pgp.mit.edu
gpg: key 7093B841: public key "Sendmail Signing Key/2007 <sendmail@Sendmail.ORG>" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
NOTE You can remove any key, including your own private key, using the --delete-key and --delete-secret-key commands.
Signing Your Public Keys
If you trust the imported key, you can then sign it, making it a trusted key (these will show up in the Trusted Keys tab of the Passwords and Encryption Keys window). To sign a key, you use the gpg command with the --sign-key command and the key's name:
gpg --sign-key george@rabbit
Alternatively, you can edit the key with the --edit-key command to start an interactive session in which you can enter the command sign to sign the key and save to save the change. Signing a key involves accessing your private key, so you will be prompted for your passphrase.
In this example, the e-mail address is used for the key name. You are prompted to make sure you want to sign it. Then you have to enter the passphrase for your own GPG key.
$ gpg --sign-key sendmail@Sendmail.ORG
pub  1024R/7093B841  created: 2006-12-16  expires: never       usage: SCEA
                     trust: unknown       validity: unknown
[ unknown] (1)  Sendmail Signing Key/2007 <sendmail@Sendmail.ORG>
pub  1024R/7093B841  created: 2006-12-16  expires: never       usage: SCEA
Really sign? (y/N) y
You need a passphrase to unlock the secret key for
user: "Richard Petersen <richard@somedomain>"
1024-bit DSA key, ID 0108D72C, created 2008-03-26
For public keys in your keyrings, you can set different trust levels. GPG supports several trust levels, including marginal, full trust, and ultimate. You use the --edit-key command with the trust option to set the trust level:
gpg --edit-key george@rabbit trust
This will display a menu of several options:
1 = I don't know or won't say
You can also check the fingerprint of the key for added verification. To check manually that a public key file was not modified in transit, you can check its fingerprint. This is a hash value generated from the contents of the key, much like a modification digest. Using the --fingerprint option, you can generate a hash value from the key you installed, and then contact the sender and ask her what the hash value should really be. If they are not the same, you know the key was tampered with in transit.
TIP You can use the --fingerprint option to check a key's validity. If you are confident that the key is valid, you can then sign it with the --sign-key command.
You do not have to check the fingerprint to have gpg operate. This is just an advisable precaution you can perform on your own. The point is that you need to be confident that the key you received is valid. Normally, you can accept most keys from public servers or known sites as valid, although it is easy to check their posted fingerprints. Once assured of the key's validity, you can then sign it with your private key. Signing a key notifies gpg that you officially accept the key.
Publishing Keys
You can use the gpg command with the --keyserver option and --send-keys command to send keys directly to a keyserver. The --send-keys command takes as its argument your e-mail address. You need to send only to one keyserver, as it will share your key with other keyservers automatically. You can also use the Seahorse Password and Encryption Settings window's Key Sharing and Key Servers tabs to publish your keys. The following command publishes a key to the pgp.mit.edu keyserver:
gpg --keyserver pgp.mit.edu:11371 --send-keys chris@turtle.mytrek.com
If you want to send your key directly to another user, you should generate an armored text version of the key that you can then e-mail. You do this with the --armor and --export options, using the --output option to specify a file in which to place the key. The --armor option will generate an ASCII text version of the encrypted file so that it can be e-mailed directly, instead of as an attached binary. Files that hold an ASCII-encoded version of the encryption normally have the extension .asc, by convention. Binary encrypted files normally use the extension .gpg. You can then e-mail the file to users to whom you want to send encrypted messages.
# gpg --armor --output richlp.asc --export richlp@turtle.mytrek.com
# mail -s 'mypubkey' george@rabbit.mytrek.com < richlp.asc
Many companies and institutions post their public key files on their Web sites, where they can be downloaded and used to verify encrypted software downloads or official announcements.
NOTE Some commands and options for GPG have both long and short forms. For example, the --armor command can be written as -a, --output as -o, --sign as -s, and --encrypt as -e. Most others, such as --export, have no short form.
Using GPG
GPG encryption is currently supported by most mail clients, including KMail, Thunderbird, and Evolution. You can use the gpg command to encode and decode messages manually, including digital signatures. Seahorse provides several GPG encryption plug-ins for use with Evolution and Gedit.
Encrypting and Decrypting Data with the gpg Command
The gpg command provides several options for managing secure messages. The -e option encrypts messages, the -a option generates an armored text version, and the -s option (used by e-mail applications) adds a digital signature. You will need to specify the recipient's public key, which you should already have imported into your pubring file. This key is used to encrypt the message. The recipient will then be able to decode the message with her private key. Use the --recipient or -r option to specify the name of the recipient key. You can use any unique substring in the user's public key name, but the e-mail address usually suffices. You use the -d option to decode received messages. In the following example, the user encrypts (-e) and signs (-s) a file generated in armored text format (-a). The -r option indicates the recipient for the message (whose public key is used to encrypt the message):
gpg -e -s -a -o myfile.asc -r george@rabbit.mytrek.com myfile
You can leave out the ASCII armor option if you want to send or transfer the file as a binary attachment. Without the --armor or -a option, gpg generates an encoded binary file, not an encoded text file. This is the method used for encryption by Nautilus. A binary file can be transmitted through e-mail only as an attachment. As noted previously, ASCII-armored versions usually have an extension of .asc, whereas binary versions use .gpg.
When the other user receives the file, they can save it to a file named something like myfile.asc and then decode the file with the -d option. The -o option will specify a file in which to save the decoded version. GPG will automatically determine whether this is a binary file or an ASCII-armored version.
gpg -d -o myfile.txt myfile.asc
To check the digital signature of the file, use the gpg command with the --verify option. This assumes that the sender has signed the file.
Seahorse Plug-ins: Choose Recipients
Plug-ins are provided for Gedit to encrypt text files, the Epiphany Web browser for text phrases, and Nautilus to perform encryption from the context menu. A panel applet lets you encrypt, sign, and decrypt clipboard content.
The Seahorse Choose Recipients plug-in opens a window in which you can choose the key to use for encryption (Figure 17-18). A pop-up menu lets you use all keys, only selected recipients, or search results. A search box lets you search for keys, selecting them based on a pattern you enter. Available keys will be listed in the window by name and key ID. You also have the option of signing the message, by selecting signatures from the Sign Message As pop-up menu. Once you make your selection, you will be prompted to enter the passphrase for that encryption key.
Encrypting and Decrypting Files with Nautilus
Nautilus generates an encrypted copy of a file with the extension .pgp. This tool operates like gpg with the -e option and without the -a option, so the output is binary. To encrypt a file from Nautilus, select the file and then right-click to open the Nautilus pop-up menu. Choose the Encrypt option, or select the file and choose Edit | Encrypt. The Choose Recipients window then opens, letting you select the encryption keys and digital signature to use. Select the encryption key, and, if you chose to sign, you will be prompted to enter the signing key's passphrase. An encrypted copy of the file is then generated with the extension .pgp. The original is left untouched.
If you only want to sign a file, you can choose Edit | Sign (or right-click the filename and choose Sign). This opens a dialog with a pop-up menu listing the signing keys you can use.
To decrypt the encrypted .pgp file, double-click it, or right-click and select "Open With Decrypt File." This opens the file with the decrypt tool, which generates a decrypted copy of the file. A "Choose decrypted file name" dialog then opens, where you can enter the name for the copy and the directory in which to save it. You are then prompted for the passphrase.
Encrypting Data with Gedit
Gedit is designed to create ASCII-armored encrypted text, the kind you would send as an e-mail. It changes the original text in the editor, transforming it into its ASCII-armored equivalent, with BEGIN and END lines around the encoded data. You can then send the text directly as a message. To decode, be sure to select the entire encoded text, including the BEGIN and END lines. You will be prompted for the passphrase for your key. If the text was signed, the signature is also checked.
To encrypt files with Gedit, you first have to enable the encryption plug-in. Open Gedit and choose Edit | Preferences. On the Preferences window, select the Plugins tab, scroll down the list of available plug-ins, and check the box for Text Encryption. The Gedit Edit menu now shows entries for Sign, Decrypt/Verify, and Encrypt.
Choose Edit | Encrypt to encrypt the message or Edit | Sign to sign it. When you choose Encrypt, the Choose Recipients dialog opens, where you can select the encryption keys to use. If you choose Sign, a small dialog appears with a pop-up menu listing the signing keys you can use. To decrypt or verify, first select the text and then choose the Decrypt/Verify entry.
Decrypting a Digital Signature
You need the signer's public key to check a digital signature. If you do not have the key, gpg reports that the public key was not found. In this case, you have to obtain the signer's public key: query a keyserver that you think may have it, or request it directly from a Web site or from the signer. Then import the key as described earlier.
FIGURE 17-18 Choose Recipients window
NOTE One very effective use for digital signatures is to verify that a software package has not been altered. A software package could be intercepted in transmission and some of its system-level files changed or substituted. Software packages for Ubuntu, as well as those from reputable GNU and Linux projects, are digitally signed. The signature covers a digest of the package contents, so it detects any modification made after signing (see Chapter 7).
You do not have to encrypt a file to sign it. A digital signature is a separate component. You can either combine the signature with the file or generate a signature file separately. To combine a signature with a file, you generate a new version that incorporates both. Use the --sign or -s option to generate a version of the document that includes the digital signature. In the following example, the mydoc file is digitally signed, with the mydoc.gpg output file containing both the original file and the signature:
gpg -o mydoc.gpg --sign mydoc
If, instead, you want to generate a separate signature file, you use the --detach-sig command. This has the advantage of not generating a complete copy of the original file; that file remains untouched. The signature file usually has an extension such as .sig. In the following example, the user creates a signature file called mydoc2.sig for the mydoc2 file:
gpg -o mydoc2.sig --detach-sig mydoc2
To verify the file using a detached signature, the recipient specifies both the signature file and the original file:
gpg --verify mydoc2.sig mydoc2
To verify a signature against a keyring of already trusted keys, you can use gpgv, a stripped-down verifier that does no trust calculation of its own. You can also generate a clear-signed signature for text files. A clear-signed signature is a text version of the signature appended to the text, so the file stays readable in any text editor; editing the signed text, however, invalidates the signature. Use the --clearsign option to create a clear-signed file. The following example creates a clear-signed version of mynotice.txt called mysignotice.txt:
gpg -o mysignotice.txt --clearsign mynotice.txt
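The encrypt-and-sign workflow from the start of this section and the signing commands just shown (--sign, --detach-sig, --clearsign, --verify), run end to end as an added example. This is not code from the book; it assumes GnuPG 2.2 or later is installed, and the key, the user ID (george@rabbit.mytrek.com, borrowed from the text), the file names and the file contents are constructed for the demo inside a throwaway keyring. It also shows what the text only implies: a detached signature over a file that is modified afterwards must fail verification, and the script treats acceptance of that tampered file as an error.

```shell
#!/bin/sh
# Added example (not from the book): gpg round trip for the commands in the
# text. Assumptions: GnuPG 2.2+ on PATH; user ID, file names and contents
# below are constructed for the demo; a throwaway keyring is used so that
# nothing in ~/.gnupg is touched.
set -eu

# Scratch directory plus private keyring; the key has an empty passphrase
# only so the script runs without a pinentry prompt.
setup_keyring() {
    WORKDIR="$(mktemp -d)"
    cd "$WORKDIR"
    GNUPGHOME="$WORKDIR/gnupg"
    export GNUPGHOME
    mkdir -m 700 "$GNUPGHOME"
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key 'George <george@rabbit.mytrek.com>' default default never
}

teardown_keyring() {
    gpgconf --kill gpg-agent 2>/dev/null || true
    cd /
    rm -rf "$WORKDIR"
}

# gpg -e -s -a ... then gpg -d: succeeds only if the armored output is
# produced, the embedded signature verifies (GOODSIG status line) and the
# decrypted bytes equal the original.
roundtrip_encrypt_sign() {
    printf 'meeting moved to 10:00\n' > myfile
    gpg --batch --quiet --yes -e -s -a -o myfile.asc -r george@rabbit.mytrek.com myfile
    grep -q -- '-----BEGIN PGP MESSAGE-----' myfile.asc
    gpg --batch --quiet --yes --status-fd 1 -d -o myfile.txt myfile.asc | grep -q 'GOODSIG'
    cmp -s myfile myfile.txt
}

# Detached signature in a separate .sig file, verified against the original.
detached_signature() {
    printf 'release notes\n' > mydoc2
    gpg --batch --quiet --yes -o mydoc2.sig --detach-sig mydoc2
    gpg --batch --quiet --verify mydoc2.sig mydoc2
}

# Failure mode: the file is altered after signing, so --verify must exit
# non-zero. Returning 1 here means a forged/modified file was accepted.
detects_tampering() {
    printf 'release notes\n' > mydoc3
    gpg --batch --quiet --yes -o mydoc3.sig --detach-sig mydoc3
    printf 'rm -rf /\n' >> mydoc3
    if gpg --batch --quiet --verify mydoc3.sig mydoc3 2>/dev/null; then
        return 1
    fi
    return 0
}

# Clear-signed text: still readable as text, and verifiable in place.
clearsign_notice() {
    printf 'notice: maintenance window on Friday\n' > mynotice.txt
    gpg --batch --quiet --yes -o mysignotice.txt --clearsign mynotice.txt
    grep -q -- '-----BEGIN PGP SIGNED MESSAGE-----' mysignotice.txt
    gpg --batch --quiet --verify mysignotice.txt
}

# Runs every check; returns non-zero on the first failure (set -e).
run_demo() {
    if ! command -v gpg >/dev/null 2>&1; then
        echo "gpg not installed; nothing to demonstrate" >&2
        return 0
    fi
    setup_keyring
    roundtrip_encrypt_sign
    detached_signature
    detects_tampering
    clearsign_notice
    teardown_keyring
    echo "encrypt/sign/decrypt, detached and clear-signed checks all passed"
}

run_demo
```

The --status-fd output is the reliable way to script signature checks: a human-readable "Good signature" line is locale dependent, while the GOODSIG status line is not. Note that gpg's exit status for --verify is all the tampering check relies on, which is exactly what package tooling does with detached .sig files.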
Permissions: Discretionary Access Control
Each file and directory in Linux carries a set of permissions that determine who can access it and how. These are known as discretionary access controls (DACs): the owner of an object decides who may use it. You set these permissions to limit access in one of three ways: you can restrict access to yourself alone, you can allow users in a predesignated group to have access, or you can permit anyone on your system to have access. You can also control how a given file or directory is accessed.
Read, Write, and Execute
A file or directory may have read, write, and execute permissions. When you create a file, you, as the creator/owner, are normally given read and write permissions, enabling you to display and modify the file; the exact default is determined by your umask. You may change these permissions to any combination you want. A file can also be given read-only permission, which prevents any modification.
TIP From the GNOME and KDE desktops, you can change permissions easily by right-clicking a file or directory icon and choosing Properties. On the Properties window's Permissions tab, you will see options for setting Owner, Group, and Other permissions.
Three different categories of users can have access to a file or directory: the owner, the group, and all others not belonging to that group. The owner is the user who created the file; any file you create, you own. You can also permit a group to have access to a file. Users are often collected into groups, especially in business networks. For example, all the users for a given class or project can be formed into a group by the system administrator. A user can grant access to a file to the members of a designated group. Finally, you can also open up access to a file to all other users on the system. In this case, every user who is neither the owner nor a member of the file's group can have access to that file; those users make up the "others" category. If you want to give the same access to all users on your system, you set the same permissions for both the group and others. That way, you include both members of the group (group permission) and all those users who are not members (others permission).
Each category has its own set of read, write, and execute permissions. The first set controls the owner's access to the file. The second set controls the access of the group to the file. The third set controls the access of all other users to the file. The three sets of read, write, and execute permissions for the three categories (owner, group, and other) make a total of nine permission bits.
The ls command with the -l option displays detailed information about the file, including the permissions. In the following example's second line, the first few characters show the permissions set for the mydata file:
$ ls -l mydata
-rw-r--r-- 1 chris weather 207 Feb 20 11:55 mydata
An empty permission is represented by a dash (-). The read permission is represented by r, write by w, and execute by x. Notice that 10 permission characters are displayed here. The first character indicates the file type. In a general sense, a directory can be considered a type of file. If the first character is a dash, a regular file is being listed; if it is d, information about a directory is being displayed. The next 9 characters are arranged according to the user categories. The first set of 3 characters is the owner's permissions for the file, the second set of 3 is the group's permissions, and the last set of 3 is the other users' permissions. In the example, the owner chris can read and write mydata, while members of the weather group and everyone else can only read it.
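The nine permission bits as ls -l prints them, read back by a script, set with chmod, and, as a check on the "automatically given read and write" statement above, created under two different umask values. This is an added example, not from the book; it assumes a POSIX shell with ls, chmod, mktemp and cut, and a filesystem that honours mode bits. The file names are temporary and constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the book): parse the ls -l mode string, set modes
# with chmod, and show that the owner's default read/write comes from umask.
# Assumes a POSIX shell and a filesystem that honours mode bits; all files
# are temporary and constructed here.
set -eu

# First 10 characters of ls -l: type flag plus owner/group/other rwx triplets.
# cut -c1-10 drops any trailing '+' (ACL) or '@' (xattr) marker some ls print.
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# Create a file, apply an octal mode, return its ls -l mode string.
mode_after_chmod() {   # $1 = octal mode, e.g. 640
    f="$(mktemp)"
    chmod "$1" "$f"
    mode_string "$f"
    rm -f "$f"
}

# Create a file under a given umask and return the resulting mode string.
# The umask change is made in a subshell so it does not leak out.
mode_under_umask() {   # $1 = umask, e.g. 077
    d="$(mktemp -d)"
    ( umask "$1"; : > "$d/newfile" )
    mode_string "$d/newfile"
    rm -rf "$d"
}

# Does category $2 (owner|group|other) hold permission $3 (r|w|x) in the
# mode string $1? Exit status 0 = yes, 1 = no, 2 = bad argument.
has_perm() {
    case "$2" in
        owner) triplet="$(printf '%s' "$1" | cut -c2-4)" ;;
        group) triplet="$(printf '%s' "$1" | cut -c5-7)" ;;
        other) triplet="$(printf '%s' "$1" | cut -c8-10)" ;;
        *) return 2 ;;
    esac
    case "$3" in
        r) [ "$(printf '%s' "$triplet" | cut -c1)" = r ] ;;
        w) [ "$(printf '%s' "$triplet" | cut -c2)" = w ] ;;
        x) [ "$(printf '%s' "$triplet" | cut -c3)" = x ] ;;
        *) return 2 ;;
    esac
}

echo "chmod 640 -> $(mode_after_chmod 640)"
echo "umask 022 -> $(mode_under_umask 022)"
echo "umask 077 -> $(mode_under_umask 077)"
```

A umask of 077 is the usual hardening choice on shared hosts: new files come out as -rw------- and you grant group or other access deliberately with chmod, rather than relying on the 022 default that makes every new file world-readable.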
Permissions on GNOME and KDE
On GNOME, you can set a directory or file permission using the Permissions tab in the Properties window Right-click the file or directory entry in the file manager window and choose Properties and open the Permissions tab (Figure 17-19) Here you will find pop-up