GnuPG is a free software for secure communication. GnuPG itself is a communication tool without any graphical support. GnuPG uses non-patent algorithms such as DSA,RSA, ElGamal and RSA,CAST5, Camellia, Triple DES, AES, Blowfish etc.
Does not use any patented algorithms.
GPLed, written from scratch.
Supports key and signature expiration dates.
Online help system.
GnuPG encrypts data using key pairs. Each user has a key pair. A message encrypted with a recipient’s public key cannot be decrypted by anyone except the matching private key. Public key can be shared with other users.
Here you will see how to create keys and how to use it for data encryption and decryption.
Generating a new keypair
Use –gen-key option to create a key pair.
You have to selet the type of key
Please select what kind of key you want: (1) DSA and Elgamal (default) (2) DSA (sign only) (5) RSA (sign only) Your selection?
You have to specify the key pair size
What keysize do you want?
Then you have to specify expiration date
Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0)
You must also provide a USER ID. You need a User-ID to identify your key;
from Real Name, Comment and Email Address in this form: "Heinrich Heine (Der Dichter) <firstname.lastname@example.org>" Real name:
GnuPG need a Passphrase to protect your private key.
Now you have successfully create the keys. To list keys use the commandline option –list-keys
gpg --list-keys /users/user/.gnupg/pubring.gpg --------------------------------------- pub 1024D/BB7576AC 2010-06-04 Alice (Judge) <email@example.com> sub 1024g/78E9A8FA 2010-06-04
Encrypting and decrypting documents
The –encrypt(-e) option is used to encrypt files.
gpg --output doc.gpg --recipient firstname.lastname@example.org –-encrypt mydoc
Note if you are not specify ouput filename default name will be mydoc.asc
The –-recipient(-r) option is also important which specify the public key to which the key should encrypt.
By default there is only one public key but when we encrypt files for someone else we have to import their public key using
gpg --import key_file_to_import
Then to encrypt
gpg -r email@example.com -e file_to_encrypt
To decrypt the file you can use the –decrypt option. You need the private key to which the message was encrypted.
gpg --output doc --decrypt mydoc.asc Enter passphrase:
Hope this artticle will help you to getting started GnuPG.