Getting started with GPG Part 1/2
GNU Privacy Guard(GPG) is an open source implementation of the Pretty Good Privacy (PGP)
GPG implements multiple types of symmetric and asymmetric encryption algorithms. We can use GPG to encrypt and decrypt data as well as create digital signatures for signing and authentication.
The first thing you are going to want to do is to create your own public and private key pair. You can do this by running the command:
RSA and RSA is the default.
3072 is the default.
Expiry date – you can set this to whenever you would like your key to expire. I selected 0
User information – This is the information that is linked to your key. There are three different attributes: Real name, email address, comment. Note that the comment is optional.
The passphrase is what protects your private key, this is very important. You need to make sure you have a very strong passphrase that includes letters, numbers and symbols. It is also very important to remember your passphrase because if you forget it then you will not be able to recover your private key.
Exporting your public key :
When somebody wants to check your signature or wants to send you an encrypted message, they are going to need your public key. We can export are key as a binary file or as a .asc file. The most common way is a .asc file because this is a text-encoded file, which makes it easier to share with people across the internet. To do this we run the command:
gpg --armor --export “Unique identifier” > public-key.asc
We can now upload are public key to an online key server and share are public key with our friends.
Importing public keys :
Now we are all set up and other people have got our public key, it’s time for us to start importing theirs. If you wanted to import their public from a file like we just created, you can run the command:
gpg --import <File name>
We can also list all the keys that we have got in our keychain by running the command:
For more information about GPG run the command:
(Tip: you can search by typing /)