Thursday, May 21, 2009

How to securly encrypt your emails.

I had trouble finding a good online tutorial walking one through all of the steps necessary to set up gpg, set up private/public keys, and use that to communicate securely with a friend. Anyhow the following is a quick tutorial of how to do this on Mac and Linux. If you are on windows try: http://www.gpg4win.org/ and see if you can use my tutorial along with whatever how-to guides they have to get it working.

If both you and your friend are new to Gnu Privacy Guard, then both of you should do the following.

1. install gnu privacy guard:
mac: http://macgpg.sourceforge.net/ and download current version
linux: it may already be installed in your system, on the command line type: gpg and see if anything happens. If not google "install gnu privacy guard [the name of your linux distro]" and there will surely be a tutorial.

On the command line:
2. type gpg --gen-key

3. I would select the first option DSA/emgammal or whatever

4. Choose the highest available encryption

5. Follow the rest of the instructions to finish generating a key. Your passphrase should be a longer sentence like "oh no i do not know how to type anymore after that accident"(please not that sentence though) and somehow remember that sentence.

6. type gpg --list-keys

7. You will have something that looks like:
pub 1024D/F217E383 2009-05-04
uid John St John (my launchpad key)
sub ******************************
****** (I blanked out my secret key info)

In the above example, the underlined text portion (F217E383) is my public key's ID. To upload that key to a keyserver so anyone can send you an encrypted file type:

gpg --send-key Your Key ID

8. To get my key so you can send me an encrypted file type in:

gpg --search-keys 'your_friend's_email_address@whatever.com'

and double check with your friend on phone or in person that the key you see is in fact theirs. You can also do the search by name, or probably key ID.

9. Now make a text file say "secret.txt" for example and type whatever message you want in it.

10. When you are in that folder on the command line type:

gpg --encrypt --sign --recipient 'your_friend's_email@whatever.com' secret.txt (or whatever your file is called)

follow the instructions...

11. you should have a file now called secret.txt.gpg that is an encrypted file that is impossible to decrypt by anyone who doesn't have access to your friend's private key.

12. add that file as an attachment to an email to your friend.

13. Have you friend download the attachment, then on the command line change to the directory that the file was downloaded to, and type:
gpg --decrypt file_name