Setting up PGP Keys

pgp
keys
security

#1

The following was originally posted to reddit by a user to help clarify peoples questions with PGP and security. This is the simplest and best tutorial to help people.

– Step One –

Okay, so first things first, let’s get a PGP program. One of the most popular is GPA. Head over to this link to download gpg4win which includes GPA {you can see a list of the programs gpg4win contains to the left of the download page, GPA is one of them}

Download: http://gpg4win.org/download.html

IMPORTANT !!! ***********************

When installing gpg4win you get the option to install which programs you want from the package. By default, GPA is not checked. MAKE SURE YOU CHECK GPA! You need it in order to easily encrypt and decrypt messages. This is what it looks like during the installation:

Next, you want to make a PGP key. Remember, none of the details need to be valid. I’d use your online name or a different alias when making your key. Something that isn’t your gamertag for online games, or anything that may tie to you. A completely new alias. The e-mail doesn’t need to be valid at all. Here are some pictures to help you through the process. Also make a backup of your key!!!

First, click the keys in the menu at the top. Alternatively, you can click CTRL+N to begin the process of creating a key. Shown here:

You will go through a set up, where you make a name for your key, which I suggest you use an alias. Shown here:

After selecting your alias it asks for an e-mail adress. This e-mail should be non existent, and be linked to a website that also doesn’t exist. Shown here:

Then you’re asked to make a backup of your key. I highly suggest you do this! Although you can make a back up at any time, you should just do it now. This is where your public key will be that you give to others to contact you. Shown here:

– Step 2 – Find Your Key –

Find where you put the back up of your key. It will be an .asc file but no worries, when asked to open the file just tell windows or whatever OS to open it using Notepad. Here you will find a public key similar to this.

When sharing your key with others, you wan’t to copy and paste from the beginning dashes to the end dashes. Exactly how I have copied and pasted above.

— HOW TO IMPORT SOMEONE ELSES PGP KEY TO YOUR GPA PROGRAMS —

You see people giving their public keys away so others can contact them. Simply open a notepad file, copy and paste their key and import it using the GPA program. I will show you how to do this.

First make a blank text file and copy the users pubic key to it. Shown here:

Then, in the Keys menu where you made your key, select import keys. Shown here:

Select the Text file you saved with the public key in it. Shown here:

Then you should get this if the key was successfully imported:

Now, lets send an encrypted message.

First, open the clipboard. You can get there through the Windows menu or through the clipboard icon on the quickbar. Shown here:

Then after opening clipboard type the message you’d like to send and select encrypt at the top of the clipboard window. Shown here

When you press encrypt, you are given a menu shown below. In this menu you select what key you’re using to send the message, and what key is going to be receiving the message. I chose to send the fake account used to make this tutorial a message with my personal account. Here’s what that menu looks like:

After you select who’s sending and who’s receiving you should get an encrypted message that looks like this:

This encrypted message is what you send instead of cleartext. So when messaging on websites, simply paste the PGP message. If you receive a PGP message, you can also use the clipboard to decrypt the message you have received by opening the clipboard, pasting the PGP message you got, and then pressing the decrypt button, shown here:

That about sums it up. I hope that people with questions on PGP and how it’s used can be solved here, as I tried to make the tutorial as noob as possible. Please be safe when communicating confidential or sensitive information on websites. Always PGP. Never FE. Be safe people. If you have questions, comment, and I’ll try my best to answer them.