GnuPrivacyGuard basicsThese are the bare-bones instructions to get you going. Reading the
documentation (online at
http://www.gnupg.org/en/manual.html) is
highly recommended.
It is a good idea to get a buddy to go through this at the same time
that you do -- that way you will have someone to exchange keys and
encrypted files with.
- Create yourself a key.
- select the default generation type
- select the default length (or longer if you want)
- select the expiry time
- enter your real name
- enter your email address
- enter a comment
- enter a passphrase to protect your key
2. Send your key to the people who are going to use it to send email to you or verify email from you.
- extract the key from gpg:
$ gpg --armor --output file --export (email address)
eg:
gpg --armor --output my-key --export DMackintosh@uxilium.com
will place my public key in the file "my-key" in a format that
is suitable for emailing.
- attach or embed this file in an email.
3. Receive the public key of a person who you are going to send email
to. (Option: see how to use the
key server service.)
- extract the public key into a file.
- import that key into gpg:
$ gpg --import (file-that-key-is-in)
- confirm somehow that this key is genuine (phone, registered mail, whatever)
- sign the imported key to tell gpg that you trust it
$ gpg --edit-key (email-address-associated-with-the-key)
Command> sign
Command> quit
Save changes? y
- you can check that you have signed it properly:
$ gpg --edit-key (email-address-associated-with-the-key)
Command> check
4. Encrypt a file to be sent to another user:
$ gpg --output (encrypted-file-name) --encrypt --recipient (email-address-you-have-a-key-for) (unencrypted-file)
- (encrypted-file-name) can now be attached to an email.
5. Decrypt a file sent to you:
$ gpg --output (unencrypted-file) --decrypt (encrypted-file)
- (unencrypted-file) is now a normal file.