Seahorse Setup on Ubuntu

Seahorse Setup on Ubuntu
Page content

Launching

Click the Ubuntu icon at the upper left corner of your desktop, type “Seahorse” into the search box that appears at the top of the screen and click the “Passwords & Encryption” application that appears. You can also press “Alt” and “F2” at the same time, type “seahorse” and press “Enter” to start it if you’re using an older version of the Ubuntu desktop.

Seahorse is included with Ubuntu by default and should already be installed on your system. If it isn’t, you can open a terminal window from the applications launcher and run the command “sudo apt-get install seahorse” to install it.

Create PGP Key

A PGP, or pretty good privacy, key allows you to encrypt and sign files with your private key. Your private key is protected with a password. Others can use your public key to decrypt the files and ensure they’re from you, since only you have access to your private key.

Click the “File” menu, select “New,” select “PGP Key” in the window that appears and click “Continue.”

Type your name into the Full Name box, your email address in the Email Address box and an optional comment in the Comment box.

Click the “Advanced Key Options” heading in the window to view advanced key options.

Click the “Encryption Type” box and select an encryption type for your key. Seahorse’s developers recommend the “DSA ElGamal” option, which allows you to sign, verify, encrypt and decrypt files. Other types only allow you to sign and verify files.

Set the key strength by typing a value into the Key Strength box. You can type any value between 1024 and 4096. Larger values are more secure if you’re using a strong pass-phase, but operations take longer to perform with larger values. Again, the Seahorse developers recommend a minimum value of 2048 bits, which is the default.

Seahorse generating a new PGP key

Uncheck the “Never Expires” check box if you want your encryption key to expire eventually. The encryption key never expires by default. You can set an expiry time, if desired. Seahorse’s developers recommend an expiry time of six months, if you want your key to expire.

Click the “Create” button and provide a strong pass-phrase. Unlike a password, a pass-phrase can contain one or more spaces.

Click “OK” to generate your key. The generation process may take a few moments. After it’s finished, the generated key appears under the My Personal Keys tab.

Create SSH Key

A secure shell, or SSH, key allows you to connect to computers using the SSH protocol, usually used for terminal access. You provide each SSH server with your public key, and you can connect to each using your private key. You don’t have to remember a separate password for each SSH server.

Click the “File” menu, select “New,” select “Secure Shell Key” and click “Continue.”

Type a description into the Key Description box. You can type your email address or any comment that identifies the purpose of the SSH key.

Click the “Advanced Key Options” header to view more options.

Creating an SSH key with Seahorse

Click the “Encryption Type” box and select “RSA” or “DSA.” The Seahorse developers recommend RSA as the more secure encryption type; use it unless you require DSA for a specific reason.

Set the key strength using the Key Strength box. Like with PGP Keys, you can select any value between 1024 and 4096. Higher values are more secure with a strong pass-phrase, although each operation you perform with your key takes longer with higher values. Seahorse’s developers recommend not going below the default value of 2048 bits.

Click “Just Create Key” or “Create and Set Up” if you want to set another computer up to use the key.

Type a strong pass-phrase into the boxes and click “OK.” Strong pass-phrases are similar to strong passwords, but you can use spaces in pass-phrases. SSH keys also appear under the My Personal Keys tab after they’re generated

If you selected “Create and Set Up,” provide the name of the computer and your log-in name, then click “Set Up.” After you provide your password, Seahorse configures the computer to allow you to log in with your SSH key instead of your password on that computer.

Passwords and Secrets

Adding a password to Seahorse

To use Seahorse to store passwords and other private information click the “File” menu, select “New,” select “Stores Password” and click “Continue.” Click the “Keyring” box and select “Login,” then provide a description and password. Seahorse stores the password in your login keyring, which it unlocks and decrypts with your system password when you log in to your Ubuntu computer. People can only access these passwords if you’re logged in.

You can change a key’s pass-phrase or export it, as well as perform other actions, from its properties dialog. Right-click the key in the Seahorse window and select “Properties.”

References

GNOME: Passwords and Encryption Keys Manual

GNOME: Seahorse - About

Screenshots provided by writer