<h1>How To Encrypt Your Own Documents Using gpg</h1>
<h4class="post-date line-under">Monday, April 06 2020</h4>
<divclass="article">
<p>If you have ever wanted to garuntee the utmost security of your emails and documents, then this is the guide for you!
It should be noted that in some circles the tools used are more common than in others.
These are the everyday tools of many privacy advocates and computer nerds.</p>
<p>If you have never used Linux however, then the method of doing this will be rather unfamiliar.
This tutorial will be done on an <ahref="https://archlinux.org/">Arch Linux</a> machine,
but it should be the same on Ubuntu, Fedora, CentOS, Debian,
OpenBSD, FreeBSD, MacOSX, etc.
The only operating system that does not include these tools by default (or easily accessible) is Windows.</p>
<p>This tutorial makes heavy use of the terminal.
You have been warned.</p>
<p><em>Let us…begin!</em></p>
<h2id="glossary">Glossary</h2>
<ul>
<li><ahref="https://en.wikipedia.org/wiki/Binary-to-text_encoding#ASCII_armor"><strong>ASCII armour</strong></a> — A way to encode <strong>OpenPGP</strong> documents so they are readable by humans. These files end in .asc</li>
<li><strong>(Open)PGP</strong> — An open standard for encoding pulbic keys and encrypted documents.</li>
<li><strong>GPG</strong> — GNUPrivacyGaurd is an implementation of <strong>OpenPGP</strong>. It is installed by default on most Linux distrobutions.</li>
</ul>
<h2id="step-0-setup">Step 0: Setup</h2>
<p>We will be using the utility <codeclass="highlighter-rouge">gpg</code> for this tutorial.</p>
<p>The other thing to note: The character ‘$’ (dollar sign) is usually not typed when shown in a command.
It simply indicates that you do not need administrative privilages to run these commands.</p>
<p>Test to see if you get this output in your terminal.</p>
<preclass="terminal">
$ gpg --version
gpg (GnuPG) 2.2.20
libgcrypt 1.8.5
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
...
</pre>
<p>If this is not successful look into how to install these tools on your system.</p>
<h2id="step-1-getcreate-a-public-key">Step 1: Get/Create A Public Key!</h2>
<p>Step one is having somebody to send your encrypted message to. Maybe this is a friend, a journalist, or a whistleblower.</p>
<p>To encrypt a document with somebody’s public key, you need to first obtain it.
My public key is available <ahref="/public-key.asc">at this link</a>, and you can use it to send me encrypted stuff.</p>
<p>If you are on a linux terminal, you can use the <codeclass="highlighter-rouge">curl</code> or <codeclass="highlighter-rouge">wget</code> command to download it.</p>
<h2id="step-2-import-public-key">Step 2: Import Public Key</h2>
<p>This list of keys that <codeclass="highlighter-rouge">gpg</code> keeps on tap so to speak, is called our “keyring”.
Your will need to import a new public key to encrypt files with <codeclass="highlighter-rouge">gpg</code>.</p>
<p>If you already created your own public key, then this step is not necessary unless you want to also encrypt something for me :)</p>
<figure>
<imgsrc="/assets/img/keyring.jpg"alt="A keyring holding eight allen keys."/>
<figcaption>
A keyring holding eight allen keys.
</figcaption>
</figure>
<p>To import a public key to use for encrypting files, use the <codeclass="highlighter-rouge">--import</code> option of <codeclass="highlighter-rouge">gpg</code>. Like so:</p>
<preclass="terminal">
$ gpg --import public-key.asc
gpg: key 64FB4E386953BEAD: public key "Tait Hoyem <tait.hoyem@protonmail.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
</pre>
<p>Now that we have imported a public key, we can make a message to send!</p>
<h2id="step-3-have-a-message-to-encrypt">Step 3: Have A Message To Encrypt</h2>
<p>You can make a new file which holds some important, secret data.
Feel free to use a graphical editor if you have one, if not, <codeclass="highlighter-rouge">nano</code> works alright too.</p>
<preclass="terminal">
Rules Of A Good Life:
1. Wash your hands!
2. Work hard!
3. Be firm.
5. Have good friends!
</pre>
<p>Save this file as something like <codeclass="highlighter-rouge">test-pgp.txt</code>, and we’ll use that name later.</p>
<h2id="step-4-encrypt-a-message">Step 4: Encrypt A Message</h2>
<p>Now that we have a message to send and person to send to,
all we have to do is encrypt this message and it’ll be on its merry way!
To do so, we must specify two new options to <codeclass="highlighter-rouge">gpg</code>.</p>
<p>The first is <codeclass="highlighter-rouge">--recipient</code>.
This tells <codeclass="highlighter-rouge">gpg</code> to encrypt using a certin public key that we have in our keyring.
You can use the person’s name, email address, or the key’s uid.</p>
<p>The second is <codeclass="highlighter-rouge">--encrypt</code>.</p>
<p>You will also specify the <codeclass="highlighter-rouge">--armour</code> option to use ASCII armoured files. Put this option after <codeclass="highlighter-rouge">--encrypt</code>, and put the file name after <codeclass="highlighter-rouge">--armour</code>. See below.</p>
<p>You can either use your own public key name to encrypt a document (allowng only you to decrypt it),
or you can use my public key that we imported earlier (allowing only me to decrypt it).