Managing PGP Keys

MOVEit Central allows operators to create, delete, import and export locally stored PGP keys through MOVEit Central Admin. There is no need to "shell out", issue command-line arguments or use a third-party PGP key management utility. Behind the scenes, MOVEit Central stores PGP keys in files called "keyrings", but the interface MOVEit Central Admin uses to manage PGP keys is intentionally similar to the interface used to manage SSH keys and SSL certificates.

There are two types of PGP keys: PGP public keys and PGP private/public keypairs.

PGP Public Keys

Public keys are non-secret keys that are often widely distributed to other users. To encrypt a file to send to someone, you must have a copy of their public key. If you sign the file, the recipient must have a copy of your public key in order to check the signature.

Typically you will "import" the public keys of several other users into your keyring, and "export" your own public key to send to other users. There is usually little security risk associated with distributing your public key. (In fact, some people attach their PGP public key to every email message they send!)

Operators may perform both import and export operations through MOVEit Central Admin, of course. In MOVEit Central Admin, public PGP keys (for which you lack a private key) are displayed as "Other Keys" because other people have the private keys associated with the "Other Keys".

PGP Private/Public Keypairs

Private/public keypairs (also known as secret keys or just private keys) are secret keys that are generated by you and that contain information that must not be given to other users. A secret key also contains a copy of an associated public key. Though you will rarely export an entire private/public keypair (except possibly for backup purposes), you will need to export the public component of your private/public keypair in order to allow others to encrypt files to be sent to you.
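
A check an operator could run on an exported key file before sending it to a partner, as an added example (not part of the MOVEit Central documentation or product): it walks the OpenPGP packet headers (RFC 4880) and reports whether the file holds any secret-key packets. The function names and the sample packets, which carry dummy bodies, are constructed for illustration.

```python
import base64

SECRET_TAGS, PUBLIC_TAGS = {5, 7}, {6, 14}  # secret key/subkey, public key/subkey

def dearmor(data: bytes) -> bytes:          # strip ASCII armor if present
    if not data.lstrip().startswith(b"-----BEGIN PGP"):
        return data
    lines = [l.strip() for l in data.strip().splitlines()]
    start = lines.index(b"") + 1            # blank line ends the armor headers
    body = [l for l in lines[start:] if l and not l.startswith((b"=", b"-----"))]
    return base64.b64decode(b"".join(body))  # CRC24 and END lines were dropped

def packet_tags(blob: bytes) -> list:       # walk headers, return each packet's tag
    tags, i = [], 0
    while i < len(blob):
        hdr = blob[i]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                      # new-format header
            tag, first = hdr & 0x3F, blob[i + 1]
            if first < 192:
                length, i = first, i + 2
            elif first < 224:
                length, i = ((first - 192) << 8) + blob[i + 2] + 192, i + 3
            elif first == 255:
                length, i = int.from_bytes(blob[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body lengths are not handled")
        else:                               # old-format header
            tag, n = (hdr >> 2) & 0x0F, 1 << (hdr & 0x03)  # 1, 2 or 4 length octets
            if n == 8:
                raise ValueError("indeterminate length is not handled")
            length, i = int.from_bytes(blob[i + 1:i + 1 + n], "big"), i + 1 + n
        tags.append(tag)
        i += length                         # skip the packet body
    return tags

def classify(data: bytes) -> str:
    """'keypair' if any secret-key packet is present, else 'public' or 'no key'."""
    tags = set(packet_tags(dearmor(data)))
    if tags & SECRET_TAGS:
        return "keypair"                    # contains private material: do not send
    return "public" if tags & PUBLIC_TAGS else "no key"

# Constructed sample packets with dummy bodies (not real key material).
PUB = bytes([0x99, 0x00, 0x04]) + b"\x04" * 4 + b"\xb4\x03bob"  # tags 6 and 13
SEC = bytes([0x95, 0x00, 0x04]) + b"\x04" * 4 + b"\xb4\x03bob"  # tags 5 and 13
ARMORED_SEC = (b"-----BEGIN PGP PRIVATE KEY BLOCK-----\n\n"
               + base64.b64encode(SEC) + b"\n-----END PGP PRIVATE KEY BLOCK-----\n")
```

The check reads packet tags rather than the armor banner or file name, so a keypair saved under a misleading name is still reported as "keypair".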

Although not strictly necessary, private/public keypairs are generally encrypted with a password, so that if the private/public keypair file falls into the wrong hands, it cannot be used.

Although it is possible to have multiple private/public keypairs--just as it is possible to have multiple email addresses--to prevent confusion, it is recommended that you minimize the number of different secret keys.

In MOVEit Central Admin, private/public keypairs are displayed as "My Keys" because you have the private keys.

Managing Keys

PGP keys are managed through the "Manage PGP Keys" dialog, which is accessed via Admin's Options | Cert/Key Managers | PGP Keys menu entry. This dialog shows all PGP keys. MOVEit Central Admin identifies secret keys as "My Keys" and public keys as "Other Keys". Select a key to see that key's details, such as expiration date and fingerprint.