User:Tim Starling/Gpg4win tutorial

Gpg4win is a package of open source utilities for key management, encryption and decryption. It can be used for email encryption in conjunction with web-based email or any other email client.

This tutorial can be moved to the Wikipedia namespace if that is deemed appropriate.

Installation

edit

Key generation

edit
  • Start "Kleopatra"
  • Click File > New Certificate > Create a personal OpenPGP key pair
  • Enter your name and email address, leave the comment blank. Note that the email address you give will be made public.
  • Click Next
  • Click "Create key"
  • Enter a passphrase. This will be used to encrypt the private key on your hard drive.

Publish public key

edit
  • In the main window, right-click on the key you just generated and click "Export certificates".
  • Save it somewhere on your hard drive with a .txt extension.
  • Open the file in notepad or whatever.
  • The key should start with
-----BEGIN PGP PUBLIC KEY BLOCK-----

Note that it says PUBLIC. If it says "private", you did something wrong. Don't publish your private key.

  • Paste the text from the file into Wikipedia while you are logged in, say as a user subpage, or in an HTML comment or collapsed box on your user page (e.g. by enclosing it {{PGP top}}/{{PGP bottom}}).

Receiving encrypted email

edit

An encrypted message looks like this:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.10 (GNU/Linux)

hQIOA5iUCyMfX/D2EAgAhikRs40xo05gNu9XSIO2jrjTIShwfWK2d7+9xlv9UjDN
...
-----END PGP MESSAGE-----
  • Copy the message including the BEGIN line and the END line. You can omit anything outside those lines, such as advertisements.
  • Paste it into notepad. Save it to a file.
  • In Kleopatra, click "Decrypt/Verify Files" in the toolbar.
  • Select the encrypted message file that you just saved.
  • Click "Decrypt/Verify"
  • If everything worked, a file should have been created in the directory you selected, containing the decrypted message.

Importing a public key

edit
  • Go to the user's user page, find their key.
  • Go to the page history, find the revision where the key was added. Make sure the correct user added it.
  • Go to the old revision.
  • Copy the key out of the old revision, paste it into a text file using notepad.
  • Save it to a file, with extension ".gpg". This may be difficult if you have Windows configured to hide file extensions.
  • In Kleopatra, click File > Import Certificates
  • Choose the .gpg file you saved.
  • Click "OK" when it tells you the import was successful.

Sending encrypted email

edit
  • Save the text you want to send in a text file, say using notepad
  • In Kleopatra, click "Sign/Encrypt Files"
  • Select the file with the message you want to send
  • Uncheck "Archive file with..."
  • Check "Text output (ASCII armor)"
  • Click Next
  • Click on your own certificate, click "Add". Then click the certificate of the person you want to send the message to, and click "Add" again.
  • Click Next
  • Under "OpenPGP Signing Certificate", select your own certificate, if it's not selected already.
  • Click "Sign and Encrypt".
  • A file will be created which contains the text you need to send. Open the file and paste it into an email.
  • Note that the subject line of the email is not encrypted. Don't put private information in the subject line.