Breaking News
Home » News & Articles » PGP Tutorial For Newbs (Gpg4Win)

PGP Tutorial For Newbs (Gpg4Win)

 We found a great tutorial posted on reddit today about how to stay safe and use PGP.

The link to the original article is this: http://www.reddit.com/r/DarkNetMarkets/comments/1qdzl8/guide_pgp_4_n00bz/

All the credit for the tutorial goes out to this reddit user:  BenZoThr0w -  http://www.reddit.com/user/BenZoThr0w

All we did is to embed the images inside the tutorial for easier access & of course post it here to spread this important information.

=====

The goal here today is to try and educate n00bZ on what PGP is, how to install GPA, I’m making the guide because I educated myself on PGP and it took awhile for me to understand it. So here is a picture guide to installing and creating a PGP key to encrypt and de-crypt messages.

=== BACKGROUND of PGP ===

Basically, each individual has a unique PGP key. In the program GPA, you import peoples unique key to your list of keys. When you go to write a PGP message, you type it normally in the clipboard { you’l learn about the clipboard later, it’s your friend } and then press an encrypt button, which then lets you pick from your unique list of keys to encrypt to, where ONLY that person can read it. [ this is why people give their public keys out, so anyone can encrypt them a message ] === THE STEPS ===

- Step One -

Okay, so first things first, let’s get a PGP program. One of the most popular is GPA. Head over to this link to download gpg4win which includes GPA {you can see a list of the programs gpg4win contains to the left of the download page, GPA is one of them}

Download: http://gpg4win.org/download.html

IMPORTANT !!!!!!! ***********************

When installing gpg4win you get the option to install which programs you want from the package. By default, GPA is not checked. MAKE SURE YOU CHECK GPA! You need it in order to easily encrypt and decrypt messages. This is what it looks like during the installation:

Pgp Tutorial 1

Next, you want to make a PGP key. Remember, none of the details need to be valid. I’d use your online name or a different alias when making your key. Something that isn’t your gamertag for online games, or anything that may tie to you. A completely new alias. The e-mail doesn’t need to be valid at all. Here are some pictures to help you through the process. Also make a backup of your key!!!

First, click the keys in the menu at the top. Alternatively, you can click CTRL+N to begin the process of creating a key. Shown here:

Pgp Tutorial2

You will go through a set up, where you make a name for your key, which I suggest you use an alias. Shown here:

Pgp Tutorial 3

After selecting your alias it asks for an e-mail adress. This e-mail should be non existent, and be linked to a website that also doesn’t exist. Shown here:

Pgp Tutorial 4

Then you’re asked to make a backup of your key. I highly suggest you do this! Although you can make a back up at any time, you should just do it now. This is where your public key will be that you give to others to contact you. Shown here:

Pgp Tutorial 5
- Step 2 – Find Your Key -

Find where you put the back up of your key. It will be an .asc file but no worries, when asked to open the file just tell windows or whatever OS to open it using Notepad. Here you will find a public key similar to this.

Pgp Tutorial 6

When sharing your key with others, you wan’t to copy and paste from the beginning dashes to the end dashes. Exactly how I have copied and pasted above.

— HOW TO IMPORT SOMEONE ELSES PGP KEY TO YOUR GPA PROGRAMS –

You see people giving their public keys away so others can contact them. Simply open a notepad file, copy and paste their key and import it using the GPA program. I will show you how to do this.

First make a blank text file and copy the users pubic key to it. Shown here:

Pgp Tutorial 7

Then, in the Keys menu where you made your key, select import keys. Shown here:

Pgp Tutorial 8

Select the Text file you saved with the public key in it. Shown here:

Pgp Tutorial 9

Then you should get this if the key was successfully imported:

Pgp Tutorial 10

Now, lets send an encrypted message.

First, open the clipboard. You can get there through the Windows menu or through the clipboard icon on the quickbar. Shown here:

Pgp Tutorial 11

Then after opening clipboard type the message you’d like to send and select encrypt at the top of the clipboard window. Shown here

Pgp Tutorial 12

When you press encrypt, you are given a menu shown below. In this menu you select what key you’re using to send the message, and what key is going to be receiving the message. I chose to send the fake account used to make this tutorial a message with my personal account. Here’s what that menu looks like:

Pgp Tutorial 13

After you select who’s sending and who’s receiving you should get an encrypted message that looks like this:

Pgp Tutorial 14

This encrypted message is what you send instead of cleartext. So when messaging on websites, simply paste the PGP message. If you receive a PGP message, you can also use the clipboard to decrypt the message you have received by opening the clipboard, pasting the PGP message you got, and then pressing the decrypt button, shown here:

Pgp Tutorial 15

That about sums it up. I hope that people with questions on PGP and how it’s used can be solved here, as I tried to make the tutorial as noob as possible. Please be safe when communicating confidential or sensitive information on websites. Always PGP. Never FE. Be safe people. If you have questions, comment, and I’ll try my best to answer them.

=====

Hope this helps.

You might also like:

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

13 comments

  1. when encrypting i sometimes decrypt to check and it will say no valid data

  2. After I had imported the key, it said 1 public key read and 1 public key imported and the rest were 0′s. Does that mean it did not import correctly?

  3. gpg4usb might be a better choice for someone new to PGP as it is less complicated to use and is portable.

    If you are serious about PGP you need to protect your private key by encrypting your computer or using gpg4usb from inside a Truecrypt container.

  4. gpg4win is known to create broken or flawed keys, I can’t believe this is been recommended. Have a look at the security thread on SR2 forums Nightcrawler explains it better than I ever could. It also doesn’t use encrypted sub keys. GPG4USB is a much better and as easy to use system

  5. Also it is usually set to 2048 as default but these are not too secure these days and 4096 is as high as that program will allow so obviously set your key to 4096 bits when creating it

  6. How do I import my backed up private key.
    It is in a .asc format?

  7. In JollyRoger’s security thread it talks about using tails and livebox. Is that not necessary then?

  8. I am still a little unclear. When you have someone else public key and you send them an encrypted message do you also paste in your public key and encrypt it all and then send it?

    • Yes – only if you want them to be able to encrypt a message back to you with your key, you should add it to your message before encrypting it with his key.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>