GNU Privacy Assistant is a very simple application that does everything you need, as far as key managing, deleting, adding, signing and adding a level of trust to another person’s public key.
Few words about GPG (Gnu Privacy Guard)
GPG stands for Gnu Privacy Guard. It is a key-based encryption method which means that a pair of keys is used to encrypt and decrypt a message so that it arrives securely. Initially, a user receives a public and a private key pair from a certificate authority. Any other user who wants to send an encrypted message can get the intended recipient’s public key from the public directory. They use this key to encrypt the message, and then send it to the recipient. When the recipient gets the message, they decrypt it with their private key, which no one else should have an access to.
GPG gives you the public key and the private key.
• A public key is a key that you share with the public. It can be given to anyone you wish to send you encrypted messages to. They would encrypt the message with your public key. They cannot decrypt their own message after they encrypt it. Only you, who hold the private key
can decrypt the message.
• A private key is your own personal password. Your private key will be used to decrypt messaged encrypted in your public key, If you give someone your private key he can decrypt and read all your messages written in your public key.
To install the GPA:
Launch GPA, find it in menu, use run dialog (ALT + F2) or from the terminal:
When you open the GPA(GNU privacy assistant) the list will be blank.
To get started you need to create your public and private key.
To use GPG to encrypt your communications, you need to create a key pair.
To do this, click on the ‘Keys’ tab(hotkey K) and select ‘new key’
Fill in the forms, use any alias you prefer and then choose your “password” or the private key.
After you have your profile set up with your password, you must get your public key, so that people can encrypt messages in your key, and you can decrypt them with your private key.
Click on your name or profile in the keyring which is the white space that should now have the profile name you have created. There are four easy steps!
1) Create a new text file and save it to your desktop (name it public key)
2) Return to your GNU and Click on YOUR key/name to select your key.
3) Click the “Export Key” option
4) Find the file you just created named “public key”, select it and then click export at the bottom right.
Now, when you open the text file you will see unreadable data starting with
—–Begin PGP Public Key Block—–
This is what you will share with people so they can send you encrypted messages. Give this to anyone you wish to speak with anonymously.
Key servers are used to distribute your public key to other key servers so that other users can easily look up for your name (or the e-mail address) in the database and find your public key to send encrypted messages to you. This eliminates the process of physically or insecurely giving your friend your public key, and allows others to be able to find you on the online database.
You can use GPA to put your Public Key into the submission box at the Key server which will distribute your public key.
In order to upload your public key to the key server using the GPA, you will need to open the GPA. Select your key from the “Key Manager” window and click the “Export Public Key” in the toolbar. You can optionally choose the name and location of which it will be saved to.
Open your newly exported public key with a text editor (you can use gedit or any other).
Open up your browser and go to to http://keyserver.pgp.com/
Select and copy the entire contents of your public key file, and paste it into the “Submit a Key” or similar text area on the Keyserver (link provided above). Submit it, and it should then proceed to submit the key to the key server.
You should now be able to search for your name or e-mail address in the search string box on the Keyserver page, to find your public key on the Internet.
Decrypting a message
When someone sends you an encrypted message, you simply open up the message, select to decrypt, and type in your private key. Then, the message should be translated to a readable text.
How to import other people´s public keys
So far you have learned how to receive and decrypt messages. It´s time to learn how to send a message back to the other party so that they could decrypt it with their own private key or password.
When the other party shares with you their public key, copy and paste the entire key into a blank .txt document.
After that, return to your GNU Privacy assistant and select import, find the file you pasted their public key into and click Import.
Their profile should now be added to your keyring.
Now you can start sending encrypted messages back and forth!
How to create your encrypted message.
In the GPA, there is a clipboard tool. This is a place where you will write and encrypt your messages.
Try encrypting a message in your own key.
1) Open the clipboard in the GPA and type a message.
2) Select the encrypt option up top.
3) Select the Key that you wish to encrypt to, try your key first so you get the hang of it. The message should now become the same kind of random looking data you saw earlier.
4) Choose the decrypt option and type in your password if you encrypted to your own key, the message should now return to its original format.
1) If you share your private key, anyone can decrypt and read your messages.
2) You must give someone your public key in order for them to send you a message that
you can decrypt and read.
3) Don´t forget your private key. Make a protected backup or write it down somewhere
where you will not lose it or forget what it was.
4) If you do lose or forget your private key, you can create a new one, but you must share
your new public key in order to decrypt messages. You can not decrypt a message written in an old public key with your new private key.
If you prefer using terminal there is excellent article on GPG usage from CLI.