GNU Privacy Guard tutorial

GNU Privacy Guard for dummies

To Generate a keypair in Gnupg, the command that you have to write in the linux terminal is:

gpg --full-generate-key

This is the output of the command.

gpg (GnuPG) 0.9.4; Copyright (C) 1999 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details.

Please select what kind of key you want:
(1) DSA and ElGamal (default)
(2) DSA (sign only)
(4) ElGamal (sign and encrypt)
Your selection?

for this tutorial im going to select the "DSA and ElGamal" type of key.

DSA keys have a minimum length of 1024 and a maximum lenght of 3072 bit.
What keysize do you want? (2048)

For this example i am going to use the default settings, which is 2048bits of length.

Then GPG will asks how long our key should last before expiring

now, i will put in 0, as it is the default setting, and it is handy for this guide.

Please specify how long the key should be valid.
0 = key does not expire
(n) = key expires in n days
(n) w = key expires in n weeks
(n) m = key expires in n months
(n) y = key expires in n years
Key is valid for? (0)

Next thing GPG will ask, is our name and email address

GnuPG needs to construct a user ID to identify your key.

Real name:

then after i input my name, and press enter we need to input our email address

Email address:

and, then press O to confirm the data that you have given in input to gpg

You selected this USER-ID:
"Ale provaTantoPer@nonso.it"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?

After this, a popup window will open, prompting you for a passphrase, please make sure to remember it

Congratulations! you have succefully created your first keypair!

Exporting our key and crypting a document

Now, we need to export our public key to a gpg file.

gpg --output nKey.gpg --export emailChiave

replace emailKey with the email you put in at the start, this command will export the key in a file named nKey.gpg, be free to name it another way.

now, send the key to another computer, using whatever medium you prefer, it can be either a storage medium, or an email service ecc...

gpg --import nKey.gpg

then, on the computer you sent the key to, write this command to import your public key

now we will finally encrypt a file with our public key

gpg --output nameOfTheCryptedDocument.gpg --encrypt --recipient emailKey nameOfTheDocument

you did it! now send the encrypted document back to your first computer

gpg --output document --decrypt nameOfTheCryptedDcomument.gpg

with this command, after writing your passphrase, the document will finally be readable again.