Here you’ll learn how to securely transmit messages and files encrypted with PGP via the popular gnupg tool. Let’s dive right in, and learn how to secure our communications!
If you’ve never heard of PGP before, check out an excellent PGP primer and explanation, which contains various details we won’t get into here for brevity’s sake. First check whether or not gnupg is already installed. Within terminal, run the command:
Pretty Good Privacy is one method for encrypting messages between two people. Here’s how PGP works and how anyone can use it.
If it displays the version of gnupg you’re currently running (should be v2+), then you’re all set and can move to the next section. Otherwise, you can install gnupg by running:
sudo apt-get install gnupg2
Once finished, check to ensure it’s installed:
gnupg -- version
Assuming gnupg was properly installed, this will display the version number.
Generate a PGP Key
Using asymmetrical encryption, you will first generate a PGP key-pair that consists of both a public and private key. The public key can be freely distributed to anyone who you wish to receive encrypted messages from, while the private key is kept to yourself in a safe place.
People can then encrypt messages to the public key, and send an encrypted message, which can then be decrypted using the private key. To generate a key-pair run:
This will start by asking your name and email address, which doesn’t necessarily have to be your real name and email. However, it is what others will see when selecting who to encrypt messages to, so ensure it’s something others can easily identify you by.
Next enter the letter O to confirm the name and email address, and you’ll be prompted to enter a desired password, which can be anything you wish. You will need to enter this password each time you want to decrypt a message that was sent to you.
Once you’ve confirmed the password, it will begin generating your new PGP key-pair, which can take a few minutes to gather enough entropy/random data from your computer. Feel free to navigate away from terminal for a couple minutes and do something else until you see a message saying your key has been successfully generated.
Export Your Public Key
Now that your key-pair is generated, you need to export the public key to distribute to others. Within terminal run the command:
gpg -a --export -e 'email@example.com` > mykey.asc
Ensure to change ‘firstname.lastname@example.org’ with the email address you supplied when generating your PGP key. You will now see a new file in the current directory named mykey.asc. Send this file to anyone who you wish to be able to send you encrypted messages.