Quick Start
GnuPrivacyGuard basics
These are the bare-bones instructions to get you going. Reading the documentation (online at http://www.gnupg.org/en/manual.html) is highly recommended.
It is a good idea to get a buddy to go through this at the same time that you do -- that way you will have someone to exchange keys and encrypted files with.
- Create yourself a key.
$ gpg --gen-key
- select the default generation type
- select the default length (or longer if you want)
- select the expiry time
- enter your real name
- enter your email address
- enter a comment
- enter a passphrase to protect your key
- Send your key to the people who are going to use it to send email to you or verify email from you.
-
extract the key from gpg:
$ gpg --armor --output file --export (email address)
eg:
gpg --armor --output my-key --export DMackintosh@uxilium.com
will place my public key in the file "my-key" in a format that is suitable for emailing.
- attach or embed this file in an email.
3. Receive the public key of a person who you are going to send email to. (Option: see how to use the key server service.)
-
extract the public key into a file.
-
import that key into gpg:
$ gpg --import (file-that-key-is-in)
-
confirm somehow that this key is genuine (phone, registered mail, whatever)
-
sign the imported key to tell gpg that you trust it
$ gpg --edit-key (email-address-associated-with-the-key) Command> sign Command> quit Save changes? y
-
you can check that you have signed it properly:
$ gpg --edit-key (email-address-associated-with-the-key) Command> check
4. Encrypt a file to be sent to another user:
$ gpg --output (encrypted-file-name) --encrypt --recipient (email-address-you-have-a-key-for) (unencrypted-file)
- (encrypted-file-name) can now be attached to an email.
5. Decrypt a file sent to you:
$ gpg --output (unencrypted-file) --decrypt (encrypted-file)
- (unencrypted-file) is now a normal file.