====== GnuPG introduction tutorial ====== ===== Introduction ===== This document describes how to use gnupg (gpg) tool to make a basic (everyday) operations, described in [[documentation:gpg-keys|this page]]. Also, it's highly recommended to read mentioned document first. [[https://gnupg.org/|GnuPG]] is a standard tool to use. It's a text-based console application, but it's a way more ease to use comparing with a graphical application. ===== Getting GnuPG ===== ==== Mac OS X ==== === Install brew tool === Brew tool is a tool of [[wp>Homebrew_(package_management_software)]], so, in order to install it, please do the following: * Open a terminal found on /Applications/Utilities/ * Run ''xcode-select --install'' {{documentation:install-command-line-tools-os-x.jpg}} * Click install button on the dialog {{documentation:confirm-install-command-line-tools-mac-os-x.jpg}} * Wait until complete {{documentation:downloading-command-line-tools.jpg}} The full article might be found at http://osxdaily.com/2014/02/12/install-command-line-tools-mac-os-x/ * Run in terminal the following ''/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"'' === Brew === It's an easy to do in MacOS using brew. Just run in the terminal (mentioned early): ''brew install gpg'' ==== Debian-based OSes (ubuntu, debian, devuan) ==== You need a sudo access in order to install a package. Open your favourite terminal and type ''sudo apt-get install gpg''. Please note, in most cases gpg is already installed. ==== SuSe/OpenSuse ==== The same requirements. Open your favourite terminal and type ''sudo zypper install gpg''. Please note, in most cases gpg is already installed. ==== Other linuxes/BSDs ==== Use your own package manager, or compile GnuPG from source. ==== Windows ==== Under windows it's possible to get it running via cygwin. ===== Using GnuPG ===== ==== Key creation ==== In order to create a key pair type in terminal the following: ''gpg --full-generate-key'' {{documentation:gpg-create-1.png}} Choose first method e.g. RSA and RSA. {{documentation:gpg-create-2.png}} Choose 4096 bits key long (it's more technically secure). {{documentation:gpg-create-3.png}} We'd recommend to choose 2 year lifespan. {{documentation:gpg-create-4.png}} Finally type your name, email and comment for the key pair (this is optional, you can leave it blank). You will be asked to type a passphrase to encrypt your private key with. **NOTE:** Don't forget your passphrase, you can loss your private key without passphrase. After this please be patient, some time is required to generate a key pair. ==== Import public key ==== To import someone's else public key all you need is type in terminal ''gpg --import '' ==== Commit your own public key ==== To publish your public key you need to provide it first. To get a file with your own public key, just type the following in terminal: ''gpg --export --armor 'yourname@example.com' > yourname.asc'' ==== Sign the data ==== ==== Data encryption ==== === Encrypt === To encrypt some data (e.g. file in the example below) you need to know a recipient and his/her public key. On the example below we're encrypting data in file secret.pdf for alice@askele.com: ''gpg -r 'alice@askele.com' -e secret.pdf'' Result file will be secret.pdf.gpg === Decrypt === In order to decrypt some data (e.g. file) you need to type the following (assuming you receive secret.pdf.gpg): ''gpg -d secret.pdf.gpg > secret.pdf'' Result will be stored in secret.pdf which is a plain (decrypted) data.