PGP Tutorial – Linux, Windows, MacOS

Learning PGP is essential for secure communication!
The generated PGP key pair has a public and a private key. The public key is for sharing with others. The contact can then send you an encrypted message.The private key is only for you! Keep it safe and never share it with anyone! You can decrypt messages encrypted with your public key.

Kleopatra PGP on Linux and Windows

Linux Install

Download: https://apps.kde.org/kleopatra/ or install from source on Ubuntu/Debian

Open terminal

sudo apt-get update
sudo apt-get install kleopatra --no-install-recommends

Windows Install

Download: https://www.gpg4win.org/

Generate New Key Pair
Optional UserName and Email
Set 4096 bits long RSA keys Valid until: Optional expiry or unchecked = never expire
Enter strong password

Encrypt – Decrypt – Sign

Open Notepad
Select recipients Encrypt to yourself: you’re the only one who can decrypt it. Encrypt for others: the recipient is the only one who can decrypt it. Signature: your message remains readable but is digitally signed by your private key. Anyone who has your public key can verify the validity of your signature.

Results

Encrypted message

Signed message

GPA – Alternative Linux APP

Lighweight PGP client. No unnecessary packages to be installed. Part of Debian, Whonix, Qubes.

Download and Install

Download: https://gnupg.org/software/gpa/

Install on Ubuntu/Debian

sudo apt-get update
sudo apt-get install gpa

Sign | Verify signature | Encrypt | Decrypt

Linux Terminal

Install 

sudo apt-get update
sudo apt-get install gpg

Generate new key pair

gpg --full-generate-key

Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
(14) Existing key from card
Your selection? 1

Next Step

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (3072) 4096

Next Step

Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0) 5y

0 = Never expire
1y = key expire in 1 year
5y = key expire in 5 years

Next Step

Key expires at Sun Mar 10 18:00:29 2030 UTC
Is this correct? (y/N) y

Next Step

Real name: Any UserName
Email address: Any or empty
Comment:

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

Next Step

Enter a strong password
Public and secret key created and signed.

List Keys

gpg --list-keys

Encrypt Message

Replace MyUserName with the UID of the recipient

gpg --encrypt --armor -r MyUserName

Type or copy your message into the terminal
When you’re done, press CRTL+D

Sign Message

gpg --clear-sign

Sign with non default secret key
gpg --clear-sign --default-key KEYID

Decryp Message

gpg --decrypt

Paste Message
When you’re done, press CRTL+D

Verify Signature

gpg --verify

Paste Message
When you’re done, press CRTL+D

MacOS – PGP Suit

Download

https://gpgtools.org/

Create new key pair

PGPSuit has no text editor. Open default or any text editor

Select All | Right+Click Services | OpenPGP: Encrypt Selection

Select Recipient | Encrypt

Result:

Tags
Share Post

Leave a Reply

Your email address will not be published. Required fields are marked *