Jason's Home Page - Linux HOWTOs

About | Home | Search
HOWTO: gnupg
Description: GNU Privacy Guard
Click here for ChangeLog
NOTE: I use GNU tar >= 1.13.25 so it's -j for .tar.bz2 files,
it's safe to assume that make, gcc, binutils, fileutils/coreutils, gawk, sed, and grep are prerequisites for almost everything
# GnuPG
# =====
# There are two versions of gnupg below.  The latest 1.x and the latest
# 2.x  They can both be installed at the same time.  The GnuPG v2.x
# binary is named 'gpg2'.

# Versions of GnuPG 1.x included in Slackware packages:
# Slackware 12.0: gnupg 1.4.7
# Slackware 12.1, 12.2, 13.0: gnupg 1.4.9

# Versions of GnuPG 2.x included in Slackware packages:
# Slackware 12.0: gnupg2 2.0.4
# Slackware 12.1, 12.2: gnupg2 2.0.9
# Slackware 13.0: gnupg2 2.0.12

# If you have trouble downloading it with the URL below, see
# http://www.gnupg.org/download/mirrors.html for alternate sites to
# get it from.  I used to have the main site's FTP URL set here, but it
# doesn't respond.  You can connect, but it won't send the banner saying
# hello.

# Older versions had differently named files:
test -f ~/.gnupg/options && mv -f ~/.gnupg/options ~/.gnupg/gpg.conf

# If you have a previously installed gnupg that went into /usr/local, or
# if you just want to clean up files from an old version before installing
# a new one, skip down to the bottom for instructions.


# GnuPG 1.4.10
# ============
# Prerequisites:
# OpenLDAP's libraries (if you want ldap-based keyserver support)
# zlib
# iconv
# Perl
# sendmail
# gettext
# bison
# readline (optional)
# bzip2 (optional)
# libusb (optional)
# curl (optional; to skip it leave off --with-libcurl below)

cd
test -f installed/gnupg-1.4.10.tar.bz2 &&
 mv installed/gnupg-1.4.10.tar.bz2 .
test ! -f gnupg-1.4.10.tar.bz2 &&
 wget ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.10.tar.bz2

# Verify tarball w/ md5sum:
# (this came from my gpg-verified tarball)
echo "dcf7ed712997888d616e029637bfc303  gnupg-1.4.10.tar.bz2" | md5sum -c

# Verify tarball w/ sha1sum:
echo "fd1b6a5f3b2dd836b598a1123ac257b8f105615d  gnupg-1.4.10.tar.bz2" | \
 sha1sum -c

# Verify tarball w/ an older version of gpg:
( gpg --list-keys 1CE0C630 > /dev/null 2>&1 || gpg --recv-keys 1CE0C630 ) &&
 wget ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.10.tar.bz2.sig &&
  gpg --verify gnupg-1.4.10.tar.bz2.sig && rm gnupg-1.4.10.tar.bz2.sig

mkdir -p -m 0700 src
cd src
find -maxdepth 1 -type d -name "gnupg-1.*" -exec rm -r {} \;
tar xjvf ~/gnupg-1.4.10.tar.bz2
cd gnupg-1.4.10
test $UID = 0 && chown -R root:root .
./configure --prefix=/usr --disable-nls --with-libcurl
make

# Become root to install it
su

# Remove files from old versions
test -x /sbin/removepkg && /sbin/removepkg gnupg
rm -f /usr/libexec/gnupg/gpgkeys_* /usr/local/bin/gpgkeys_*

# Install the new version
make install
chmod u+s /usr/bin/gpg

# Become yourself again
exit

cd
mkdir -p -m 0700 installed
rm -f installed/gnupg-1.*.tar.*
mv gnupg-1.4.10.tar.bz2 installed/

# If you just upgraded from 1.2.x to 1.4.x for the first time, read through
# doc/highlights-1.4.txt

## Here are some GnuPG 1.x usage examples:

# If you haven't already done so with an older version, create a key (don't
# do this remotely)
gpg --gen-key

# Generate a revocation certificate and store it away somewhere.
# Obviously replace jschmo@foo.org with your actual e-mail address (whatever
# you specified when you created the key).
gpg --gen-revoke jschmo@foo.org

# Export your key to a text file
# Post it to http://pgp.mit.edu/ or slap it on a web page somewhere
gpg --armor --export jschmo@foo.org

# Some people like to put the fingerprint of their key in their signature.
# The fingerprint can verify that the PGP signature you see on a web site
# is real by matching it up with fingerprint in an e-mail from that person
gpg --fingerprint jschmo@foo.org

# Modify the key, to add/remove other e-mail addresses of yours, etc.
gpg --edit-key jschmo@foo.org


# GnuPG 2.0.14
# ============
# Prerequisites (beyond those listed above):
# OpenLDAP's libraries (if you want ldap-based keyserver support)
# Perl
# tar
# GPG Error >= 1.4
# libgcrypt >= 1.2.2
# libassuan >= 0.9.3 (with Pth support)
# libksba >= 1.0.0
# libusb (optional)
# coreutils' shred
# GNU Portable Threads Library
# curl (optional; to skip it leave off --with-libcurl below)
# gettext
# iconv
# bison
# zlib
# bzip2 (optional)
# readline (optional)
# PIN Entry (optional)

cd
test -f installed/gnupg-2.0.14.tar.bz2 &&
 mv installed/gnupg-2.0.14.tar.bz2 .
test ! -f gnupg-2.0.14.tar.bz2 &&
 wget ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.0.14.tar.bz2

# Verify tarball w/ md5sum:
# (this came from my sha1sum and gpg-verified tarball)
echo "54732a0a76d59646b7e0b682fb357c22  gnupg-2.0.14.tar.bz2" | md5sum -c

# Verify tarball w/ sha1sum:
echo "cc5e4637f37f5bc82b00c73fc094ddadb7401821  gnupg-2.0.14.tar.bz2" | \
 sha1sum -c

# Verify tarball w/ an older version of gpg:
( gpg --list-keys 1CE0C630 > /dev/null 2>&1 || gpg --recv-keys 1CE0C630 ) &&
 wget ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.0.14.tar.bz2.sig &&
  gpg --verify gnupg-2.0.14.tar.bz2.sig && rm gnupg-2.0.14.tar.bz2.sig

mkdir -p -m 0700 src
cd src
find -maxdepth 1 -type d -name "gnupg-2.*" -exec rm -r {} \;
tar xjvf ~/gnupg-2.0.14.tar.bz2
cd gnupg-2.0.14
test $UID = 0 && chown -R root:root .
./configure --prefix=/usr --disable-nls --with-libcurl
make

# Become root to install it
su

test -x /sbin/removepkg && /sbin/removepkg gnupg2
make install

# Become yourself again
exit

cd
mkdir -p -m 0700 installed
rm -f installed/gnupg-2.*.tar.*
mv gnupg-2.0.14.tar.bz2 installed/

# If you just upgraded from 1.2.x to 1.4.x for the first time, read through
# doc/highlights-1.4.txt


# If you ever want to uninstall GnuPG 1.x, this should do it:
cd
su
test -d src/gnupg-1.* && ( cd src/gnupg-1.* ; make uninstall )
for pfx in /usr /usr/local;
do
  ( cd ${pfx}/bin ; rm -f gpg gpgsplit gpgv )
  ( cd ${pfx}/info ; rm -f gpg.info gpgv.info )
  test -d ${pfx}/libexec/gnupg && rm -r ${pfx}/libexec/gnupg
  ( cd ${pfx}/man/man1 ; rm -f gpg.1 gpg.ru.1 gpgv.1 )
  rm -f ${pfx}/man/man7/gnupg.7
  test -d ${pfx}/share/gnupg && rm -r ${pfx}/share/gnupg
  find ${pfx}/share/locale -type f -name "gnupg.mo" -exec rm {} \; \
   2> /dev/null
done
exit
find ~/src -maxdepth 1 -type d -name "gnupg-1.*" -exec rm -r {} \;
rm -f ~/installed/gnupg-1.*.tar.*


# If you ever want to uninstall GnuPG 2.x, this should do it:
cd
su
test -d src/gnupg-2.* && ( cd src/gnupg-2.* ; make uninstall )
for pfx in /usr /usr/local;
do
  ( cd ${pfx}/bin ; rm -f gpg-agent gpg-connect-agent gpg2 gpgconf \
    gpgkey2ssh gpgparsemail gpgsm gpgsm-gencert.sh gpgv2 kbxutil scdaemon \
    watchgnupg )
  ( cd ${pfx}/libexec ; rm -f gnupg-pcsc-wrapper gpg-preset-passphrase \
    gpg-protect-tool gpg2keys_curl gpg2keys_finger gpg2keys_hkp \
    gpg2keys_ldap )
  ( cd ${pfx}/share/man/man1 ; rm -f gpg-agent.1 gpg-connect-agent.1 \
    gpg-preset-passphrase.1 gpg2.1 gpgconf.1 gpgparsemail.1 \
    gpgsm-gencert.sh.1 gpgsm.1 gpgv2.1 scdaemon.1 symcryptrun.1 \
    watchgnupg.1 )
  ( cd ${pfx}/share/man/man8 ; rm -f addgnupghome.8 applygnupgdefaults.8 )
  ( cd ${pfx}/sbin ; rm -f addgnupghome applygnupgdefaults )
  test -d ${pfx}/share/gnupg && rm -r ${pfx}/share/gnupg
  rm -f ${pfx}/share/info/gnupg.info
done
exit
find ~/src -maxdepth 1 -type d -name "gnupg-2.*" -exec rm -r {} \;
rm -f ~/installed/gnupg-2.*.tar.*
Back to the list
Last updated: Fri, 26 Mar 2010 13:18:56 -0400
Jason Englander <jason at englanders dot us>