<h1>How To Encrypt Your Own Documents Using gpg</h1>
<spanclass="post-date">Monday, April 06 2020</span>
</header>
<hr>
<divclass="article">
<p>If you have ever wanted to garuntee the utmost security of your emails and documents, then this is the guide for you!
It should be noted that in some circles the tools used are more common than in others.
These are the everyday tools of many privacy advocates and computer nerds.</p>
<p>If you have never used Linux however, then the method of doing this will be rather unfamiliar.
This tutorial will be done on an <ahref="https://archlinux.org/">Arch Linux</a> machine,
but it should be the same on Ubuntu, Fedora, CentOS, Debian,
OpenBSD, FreeBSD, MacOSX, etc.
The only operating system that does not include these tools by default (or easily accessible) is Windows.</p>
<p>This tutorial makes heavy use of the terminal.
You have been warned.</p>
<p><em>Let us…begin!</em></p>
<h2id="glossary">Glossary</h2>
<ul>
<li><ahref="https://en.wikipedia.org/wiki/Binary-to-text_encoding#ASCII_armor"><strong>ASCII armour</strong></a> — A way to encode <strong>OpenPGP</strong> documents so they are readable by humans. These files end in .asc</li>
<li><strong>(Open)PGP</strong> — An open standard for encoding pulbic keys and encrypted documents.</li>
<li><strong>GPG</strong> — GNUPrivacyGaurd is an implementation of <strong>OpenPGP</strong>. It is installed by default on most Linux distrobutions.</li>
</ul>
<h2id="step-0-setup">Step 0: Setup</h2>
<p>We will be using the utility <codeclass="language-plaintext highlighter-rouge">gpg</code> for this tutorial.</p>
<p>The other thing to note: The character ‘$’ (dollar sign) is usually not typed when shown in a command.
It simply indicates that you do not need administrative privilages to run these commands.</p>
<p>Test to see if you get this output in your terminal.</p>
<p>Step one is having somebody to send your encrypted message to. Maybe this is a friend, a journalist, or a whistleblower.</p>
<p>To encrypt a document with somebody’s public key, you need to first obtain it.
My public key is available <ahref="/public-key.asc">at this link</a>, and you can use it to send me encrypted stuff.</p>
<p>If you are on a linux terminal, you can use the <codeclass="language-plaintext highlighter-rouge">curl</code> or <codeclass="language-plaintext highlighter-rouge">wget</code> command to download it.</p>
<h2id="step-2-import-public-key">Step 2: Import Public Key</h2>
<p>This list of keys that <codeclass="language-plaintext highlighter-rouge">gpg</code> keeps on tap so to speak, is called our “keyring”.
Your will need to import a new public key to encrypt files with <codeclass="language-plaintext highlighter-rouge">gpg</code>.</p>
<p>If you already created your own public key, then this step is not necessary unless you want to also encrypt something for me :)</p>
<figure>
<imgsrc="/assets/img/keyring.jpg"alt="A keyring holding eight allen keys."/>
<figcaption>
A keyring holding eight allen keys.
</figcaption>
</figure>
<p>To import a public key to use for encrypting files, use the <codeclass="language-plaintext highlighter-rouge">--import</code> option of <codeclass="language-plaintext highlighter-rouge">gpg</code>. Like so:</p>
<p>Save this file as something like <codeclass="language-plaintext highlighter-rouge">test-pgp.txt</code>, and we’ll use that name later.</p>
<h2id="step-4-encrypt-a-message">Step 4: Encrypt A Message</h2>
<p>Now that we have a message to send and person to send to,
all we have to do is encrypt this message and it’ll be on its merry way!
To do so, we must specify two new options to <codeclass="language-plaintext highlighter-rouge">gpg</code>.</p>
<p>The first is <codeclass="language-plaintext highlighter-rouge">--recipient</code>.
This tells <codeclass="language-plaintext highlighter-rouge">gpg</code> to encrypt using a certin public key that we have in our keyring.
You can use the person’s name, email address, or the key’s uid.</p>
<p>The second is <codeclass="language-plaintext highlighter-rouge">--encrypt</code>.</p>
<p>You will also specify the <codeclass="language-plaintext highlighter-rouge">--armour</code> option to use ASCII armoured files. Put this option after <codeclass="language-plaintext highlighter-rouge">--encrypt</code>, and put the file name after <codeclass="language-plaintext highlighter-rouge">--armour</code>. See below.</p>
<p>You can either use your own public key name to encrypt a document (allowng only you to decrypt it),
or you can use my public key that we imported earlier (allowing only me to decrypt it).