Creative Commons Share Alike 3.0
These steps are very technical. For average users we nowadays recommend using the Seahorse application for managing GPG keys.
Before you can get or send GPG-encrypted mail, you need to generate your public and private keys with GPG.
Open a terminal window and enter
Select an algorithm, then press Enter.
Select a key length, then press Enter.
Enter how long your key should be valid for.
Type your real name, then press Enter.
Type your email address, then press Enter.
(Optional) Type a comment, then press Enter.
Review your selected user ID. If it is correct, press O.
Type a passphrase, then press Enter.
Move your mouse randomly to generate the keys.
After the keys are generated, you can view your key information by entering gpg --list-keys. Something similar to this is displayed:

    /home/you/.gnupg/pubring.gpg
    ----------------------------
    pub 1024D/32j38dk2 2001-06-20 you <you@example.com>
    sub 1024g/289sklj3 2011-06-20 [expires: 2012-11-14]

GPG creates one list, or keyring, for your public keys and one for your private keys. All the public keys you know are stored in the file
If you want, you can upload your keys to a key server:
Check your public key ID with gpg --list-keys. It is the string after 1024D on the line beginning with pub. In the example above, it is 32j38dk2.
Enter the command 32j38dk2. You need your password to do this.
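The key ID lookup described above, as an added example that is not part of the original page: shell functions that read the listing layout printed earlier and return the public key ID, plus each key's length and expiry so they can be checked before publishing. It generalizes the lookup to any key length or algorithm letter; the function names and the thresholds used are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not from the original page: read the legacy `gpg --list-keys`
# layout shown above and pull out the fields the text refers to.

# Constructed sample: the listing printed on this page.
sample_listing() {
cat <<'EOF'
/home/you/.gnupg/pubring.gpg
----------------------------
pub 1024D/32j38dk2 2001-06-20 you <you@example.com>
sub 1024g/289sklj3 2011-06-20 [expires: 2012-11-14]
EOF
}

# For every pub/sub line on stdin print: type bits algorithm keyid created expiry
parse_listing() {
  awk '
    $1 == "pub" || $1 == "sub" {
      split($2, f, "/")                       # f[1] = "1024D", f[2] = key ID
      bits = f[1]; sub(/[A-Za-z]+$/, "", bits)
      algo = f[1]; sub(/^[0-9]+/, "", algo)
      expiry = "never"
      for (i = 4; i < NF; i++)
        if ($i == "[expires:") { expiry = $(i + 1); sub(/\]$/, "", expiry) }
      print $1, bits, algo, f[2], $3, expiry
    }'
}

# The public key ID: the string after the "/" on the first line beginning with pub.
primary_key_id() {
  parse_listing | awk '$1 == "pub" { print $4; exit }'
}

# Key IDs whose length in bits is below $1 (the threshold is the caller's choice).
keys_shorter_than() {
  parse_listing | awk -v min="$1" '$2 + 0 < min + 0 { print $4 }'
}

# Key IDs whose expiry date is before $1 (YYYY-MM-DD; ISO dates compare as text).
keys_expired_before() {
  parse_listing | awk -v day="$1" '$6 != "never" && $6 < day { print $4 }'
}

echo "key ID to publish: $(sample_listing | primary_key_id)"
sample_listing | parse_listing
```

Current GnuPG releases print a different listing layout than the one on this page; for scripts run against a live keyring, gpg's --with-colons option gives a stable machine-readable format.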
Key servers store your public keys for you so that your friends can decrypt your messages. If you choose not to use a key server, you can manually send your public key, include it in your signature file, or put it on your own Web page. However, it is easier to publish a key once, and then let people download it from a central place when they want.
If you don't have a key to unlock or encrypt a message, you can set your encryption tool to look it up automatically. If it cannot find the key, an error message appears.