User Tools

Site Tools


GnuPG introduction tutorial


This document describes how to use gnupg (gpg) tool to make a basic (everyday) operations, described in this page. Also, it's highly recommended to read mentioned document first.

GnuPG is a standard tool to use. It's a text-based console application, but it's a way more ease to use comparing with a graphical application.

Getting GnuPG

Mac OS X

Install brew tool

Brew tool is a tool of Homebrew_(package_management_software), so, in order to install it, please do the following:

  • Open a terminal found on /Applications/Utilities/
  • Run xcode-select –install


  • Click install button on the dialog


  • Wait until complete


The full article might be found at


It's an easy to do in MacOS using brew. Just run in the terminal (mentioned early): brew install gpg

Debian-based OSes (ubuntu, debian, devuan)

You need a sudo access in order to install a package.

Open your favourite terminal and type sudo apt-get install gpg.

Please note, in most cases gpg is already installed.


The same requirements.

Open your favourite terminal and type sudo zypper install gpg.

Please note, in most cases gpg is already installed.

Other linuxes/BSDs

Use your own package manager, or compile GnuPG from source.


Under windows it's possible to get it running via cygwin.

Using GnuPG

Key creation

In order to create a key pair type in terminal the following: gpg –full-generate-key

Choose first method e.g. RSA and RSA.

Choose 4096 bits key long (it's more technically secure).

We'd recommend to choose 2 year lifespan.

Finally type your name, email and comment for the key pair (this is optional, you can leave it blank). You will be asked to type a passphrase to encrypt your private key with.

NOTE: Don't forget your passphrase, you can loss your private key without passphrase.

After this please be patient, some time is required to generate a key pair.

Import public key

To import someone's else public key all you need is type in terminal gpg –import <filename of the public key>

Commit your own public key

To publish your public key you need to provide it first. To get a file with your own public key, just type the following in terminal: gpg –export –armor '' > yourname.asc

Sign the data

Data encryption


To encrypt some data (e.g. file in the example below) you need to know a recipient and his/her public key. On the example below we're encrypting data in file secret.pdf for gpg -r '' -e secret.pdf

Result file will be secret.pdf.gpg


In order to decrypt some data (e.g. file) you need to type the following (assuming you receive secret.pdf.gpg): gpg -d secret.pdf.gpg > secret.pdf

Result will be stored in secret.pdf which is a plain (decrypted) data.

documentation/gnupg-intro.txt · Last modified: 2019/10/03 01:15 by derek