chevron_left chevron_right
Login Register invert_colors photo_library


Stay updated and chat with others! - Join the Discord!
Thread Rating:
  • 0 Vote(s) - 0 Average


How to setup and use PGP filter_list
Author
Message
How to setup and use PGP #1
PGP is the hot topic when it comes to encryption. Until quantum processors are available to your everyday shady cracker, your standard PGP-encrypted message would take roughly 10^22 years to crack, which is far older than the known universe. If you need to pass volatile and/or sensitive data around, this is the way to do it.

Setup

The first step is to download your client of choice. I personally use GnuPG (gpg for short), which is free and open-source(ish). Head here and download the version for your os to get started. I'm currently running the barebones, gpg-only installation, but install what you like and learn about it separately.
[Image: 0RpF9iA.png]

Once gpg is installed, it should be added to your system's PATH. If not, add it manually.
Spoiler: howto
windows:
Code:
$ path=%path%;<gpg install directory>

nix:
Code:
$ PATH=$PATH:<gpg install directory>

To get an idea of what gpg offers, go ahead and run it with the --help option. Afterwards, it's time to create your first key.

Generating Keys

Generating PGP keys sounds like an arduous and menial task, but it's actually very well thought-out and straightforward. Simply run gpg --gen-key and you'll be prompted for your information. Speaking of, some tips on entering information: use a fake email on a fake domain, and obviously use a pseudonym. If not absolutely necessary, avoid including a comment.

After the key generation has finished, it's a good idea to back it up via exporting it immediately. Now would be a good time to mention that gpg is very lenient with it's name searching. For example, my registered name is Ao Nanami, but supplying "Ao" is enough for the program to recognise who I'm referencing.
Code:
$ gpg --export -a "Ao">pub.key             # export public key
$ gpg --export-secret-key -a "Ao">sub.key  # export private (secret) key
Without question, stash the sub somewhere secure. Let's move along, shall we?

As a bonus, you can make your public key, well, public, via uploading it to a keyserver. First, you need to get your key id, which is found in the output of the gpg --list-keys command. Then, you supply the key id to the --send-keys command.
Code:
# sub is redacted for obvious reasons
$ gpg --list-keys Ao
         # vvvvvvvv
pub   2048R/3E2070C7 2016-08-03
uid                  Ao Nanami <ao@foo.bar>
...

$ gpg --send-keys 3E2070C7
# you should just get this as a response; it will
# complain if something goes wrong
gpg: sending key 3E2070C7 to hkp server keys.gnupg.net

Importing Keys

Alas, there's a bit more to learn before we get to encrypt "Hello, World!". We need someone to send the message to, after all. To get that someone, we need to import their key.

Let's say our good friend Richard Stallman sent us his public key. To add this key to our keyring, we import it by doing the following (assuming the file is named richard.key):
Code:
$ gpg --import richard.key
Which gives us the clean output:
Code:
gpg: key C77C0652: public key "Richard Stallman <richard@iownyou.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

A quick note: when using an imported key for the first time, you'll get a foreboding warning about identity theft and such. To avoid this, use gpg --edit-key <name> and enter the trust command.

On this note, to send your key, it needs to be exported.
Code:
$ gpg --export -a "Ao">mypub.key

NOW we can encrypt!

Encrypting/Decrypting Messages

Let's say our message, "Hello, World!", naturally, is in a file called hello.txt. To encrypt this for dear old Rich, we use the following command:
Code:
$ gpg --encrypt -r "richard" hello.txt
The output appears in a file called hello.txt.gpg, which is what we send on to Richard.

Oh, cool, we got a message back! We decrypt it with the --decrypt option, as follows:
Code:
$ gpg --decrypt reply.gpg
In response, we're prompted for our password:
Code:
You need a passphrase to unlock the secret key for
user: "Ao Nanami <ao@foo.bar>"
2048-bit RSA key, ID 415233AB, created 2016-08-03 (main key ID 3E2070C7)
After that's entered, out comes the message, along with some data I didn't include because I'm lazy:
Code:
For a GNU dawn! For freedom!
 - <3 Rich

And there you have it: the basics of an encryption system more secure than you'll probably ever need. Enjoy!

[+] 1 user Likes Inori's post
Reply

RE: How to setup and use PGP #2
PGP is going on 25 years. Even though its difficult to crack, I don't know why we haven't decided to up it, besides minor changes.

Nice tutorial though, even though its something that can easily be found online, this actually was easier to understand than most!

I always lose my PGP keys though, can you recommend a good public keystore? (besides mit)
You can find me on Keybase
"Reach the state of ubiquity, and you will be in control"
Student, Technician, Designer, and more.
[Image: 8y6vps.png]


Reply

RE: How to setup and use PGP #3
Without doubt a HQ thread that's very well formatted, elaborated and easy to follow and comprehend.

Good work, a job well done.
[Image: AD83g1A.png]

[+] 1 user Likes mothered's post
Reply

RE: How to setup and use PGP #4
good tutorial, something everyone needs to know

Reply

RE: How to setup and use PGP #5
Nice. You should've gone further in-depth and explained how asymmetric encryption works, just a suggestion.

Reply

RE: How to setup and use PGP #6
(08-03-2016, 03:40 PM)meow Wrote: Nice. You should've gone further in-depth and explained how asymmetric encryption works, just a suggestion.

A topic for another thread, but a good suggestion. I'll probably write something up tonight.

Reply






Users browsing this thread: 1 Guest(s)