Generating a key pair

PGP key pairs may be generated from either your desired Keys module (see Key Management) or via the My Account > OpenPGP Encryption > Generate OpenPGP Key link in the Web user interface. Where a key is generated determines its scope:

Keys generated via the Keys module in the top menu (as depicted in the image below) are system keys that may be used anywhere in the system.

Keys generated via the SECURITY > Keys module in a domain are domain level keys that may be used anywhere in the domain.

Keys generated via the web interface are private to the user that generated the key and may be used only to encrypt files uploaded to virtual paths that are accessible to the user and have PGP encryption enabled.

 

Generating a key pair via Key Manager

 

To generate a PGP key pair, click your desired Keys module.  Click on the PGP Keys tab.

 

 

Depicted in the image above is the PGP Keys grid. The columns are described below.

 

Key Alias - This alias will be used to refer to this particular key pair in the MFT Server environment.

 

Key algorithm - The type of key used. Valid values are RSA, DSA, EC and ED.

 

Expiration Date - The date the key expires.

 

Can encrypt - Indicates whether the key can be used for encrypt operations.

 

Can decrypt - Indicates whether the key can be used for decrypt operations.

 

Can sign - Indicates whether the key can be used for sign operations.

 

Can verify - Indicates whether the key can be used for verify signature operations.

 

Fingerprint - The unique fingerprint for the key.
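The same properties can be checked outside MFT Server once a public key has been exported. The following is an added example, not part of the product or its documentation: it parses the colon-delimited listing that GnuPG prints for a key file and reports algorithm, length, expiry, encrypt/sign capability and fingerprint for each key. The sample listing is constructed, and the 2048-bit minimum it flags against is an assumption of this example.

```python
from datetime import datetime, timezone

# OpenPGP public-key algorithm IDs as printed by GnuPG in field 4.
ALGOS = {"1": "RSA", "16": "ELG", "17": "DSA",
         "18": "ECDH", "19": "ECDSA", "22": "EdDSA"}
MIN_BITS = 2048  # minimum RSA/DSA/ELG length; a threshold assumed by this example

# Constructed sample of `gpg --show-keys --with-colons key.pub` output.
# Key IDs, fingerprints and timestamps are made up for illustration.
SAMPLE = """\
pub:-:1024:17:AAAAAAAAAAAAAAAA:1700000000:1731536000::-:::scSC::::::23::0:
fpr:::::::::1111111111111111111111111111AAAAAAAAAAAA:
uid:-::::1700000000::0000000000000000000000000000000000000000::John Smith <jsmith@domain.com>::::::::::0:
sub:-:2048:16:BBBBBBBBBBBBBBBB:1700000000:1731536000:::::e::::::23:
fpr:::::::::2222222222222222222222222222BBBBBBBBBBBB:
"""


def summarize(colon_listing, now=None):
    """Return one dict per pub/sub record, mirroring the grid columns."""
    now = now or datetime.now(timezone.utc)
    keys = []
    for line in colon_listing.splitlines():
        f = line.split(":")
        if f[0] in ("pub", "sub"):
            algo = ALGOS.get(f[3], "unknown(%s)" % f[3])
            # Field 7 is the expiry in epoch seconds; empty means no expiry.
            exp = datetime.fromtimestamp(int(f[6]), timezone.utc) if f[6] else None
            keys.append({
                "record": f[0],
                "algorithm": algo,
                "bits": int(f[2]),
                "expires": exp,
                "expired": exp is not None and exp <= now,
                # Field 12: lowercase letters are this key's own capabilities.
                "can_encrypt": "e" in f[11],
                "can_sign": "s" in f[11],
                "weak_length": algo in ("RSA", "DSA", "ELG") and int(f[2]) < MIN_BITS,
                "fingerprint": None,
            })
        elif f[0] == "fpr" and keys and keys[-1]["fingerprint"] is None:
            keys[-1]["fingerprint"] = f[9]  # the fpr record follows its key record
    return keys


if __name__ == "__main__":
    for key in summarize(SAMPLE):
        print(key)
```

In the sample, the 1024-bit DSA primary key is flagged by weak_length while the 2048-bit encryption subkey is not.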

 

Select the PGP Keys tab and click the Generate button.  The Generate PGP Key dialog is displayed.

 

 

Real name - The full name of the key pair owner, e.g. John Smith.

 

Email - The email address for the key pair owner, e.g. jsmith@domain.com.

 

Key algorithm - The encryption algorithm used. Supported types include RSA, DSA, EC and ED.

 

Key length - The length of the encryption key, applicable when RSA or DSA is the selected key algorithm. Length options vary depending on the algorithm selected. Note: For key lengths greater than 1024 you must install the files as described here: Additional libraries needed for OpenPGP.

 

Key curve - The curve of the key, applicable when EC or ED is the selected key algorithm. The curve values you can choose from depend on which algorithm you are configuring.

 

Validity period - The number of days the key pair is valid for.

 

Generating a key pair via client web interface

 

To generate a key pair, log in via the client web interface and click on the My Account > OpenPGP Encryption > Generate OpenPGP Key button.  The Generate OpenPGP Key dialog is displayed.

 

Upon clicking the Generate button you will be prompted to save the private key on your local system. Make sure to save this key in a safe place, as without it you will be unable to decrypt files encrypted using the public key. Furthermore, anyone who obtains your private key may be able to decrypt your PGP encrypted files, so it is recommended that you apply a password to your private key.

 

You will notice that, upon generating your PGP key pair, a file named .pgp/key.pub will be placed in your home directory. DO NOT DELETE this file as it will be used for encrypting files uploaded to virtual paths that have PGP encryption enabled. Note: Only one PGP public key may be associated with each account. Generating a new key pair or importing a new public key will overwrite the existing public key file.

 

 

Real name - The full name of the key pair owner, e.g. Jane Doe.

 

Email - The email address for the key pair owner, e.g. JDoe@domain.com.

 

Type - The cipher to use when creating the key.

 

Key length - The length of the encryption key.

 

Validity period - The number of days the key pair is valid for.

 

Key algorithm - The encryption algorithm used.

 

File password - Optional private key password.