Home » Articles » Basic Guide to PGP On Linux
Click Here To Hide Tor

Basic Guide to PGP On Linux

Full credit goes to MLP_is_my_OPSEC for writing this tutorial – Thanks for publishing  and giving us your permission to post it!

Part 0 – Introduction

I promised it, and here it is! The PGP guide for Linux! Great timing too for Moronic Monday. For this guide we’ll be using GnuPG with Gnu Privacy Assistant as a graphical front-end. We will be using CLI to install these two pieces of software, and creating the keypair. The example OS in question is Linux Mint, so the commands for install may differ from your current OS. Don’t fret though! That’s the only part that may not be relevant to your OS, the rest of the guide will be the same across distros.

>>>Add A Layer Of Encryption: Click For The Best VPN Services<<<

Part 1 – Installing the software

Like I said in the intro, we’ll be using GnuPG with Gnu Privacy Assistant. I like GPA as a graphical front-end because its layout is really easy to understand and follow.

  1. Open up Terminal
  2. Type, without quotes, ‘sudo apt-get install gpa gnupg2’, then hit ‘enter’
  3. Enter your password, hit ‘enter’
  4. It will pull the dependancies needed for both to work properly, tell you the space needed, and ask you to confirm. Type ‘y’ then hit ‘enter’ to confirm
  5. Wait a bit as everything installs

This should only take a few minutes to complete. See this picture to confirm you’re doing the steps correctly:


Part 2 – Generating your keypair

Part 1 was easy, eh? Don’t worry things don’t get much harder. The next step is to create your keypair. We’ll be using 4096 bit RSA to keep things extra secure!

  1. In your Terminal, type without quotes ‘gpg –gen-key’, then hit ‘enter’
  2. It will ask you what kind of key you want. For our usecase, we want option ‘1’ :2
  3. Next step is key length. The longer the length, the more secure it is. We’ll go with 4096 bits: 33FN8mb[1]
  4. It will now ask if you want your key to expire after a certain amount of time. This is up to personal preference, but we’ll choose ‘key does not expire’, so just hit ‘enter’ 3
  5. Confirm that yes, the key will not expire. Type ‘y’, then hit ‘enter’ eGqruqQ[1]
  6. The next step will be to enter an ID to make it easier for people to identify your key. If you’ve made it this far, you should know what to do LgkPV7n[1]
  7. It will ask if this information is correct. If it is, type ‘O’ and hit ‘enter’ xxdJ8g4[1]
    Here is a great XKCD comic on creating secure passphrases
  8. Enter a passphrase to protect your secret key. ZKXIiPW[1]
  9. Here comes the fun part. It’s going to generate your key, and will ask you to do some random stuff to create entropy. I like to have a Youtube video going with a torrent running in the background, while randomly mashing keys in a text editor. See the picture for an example of what will be output in the terminal bshPVDM[1]
  10. annnddddd we’re done! QFynRxp[1]

Part 3 – Obtaining your public key

So we’ve installed the software, generated our super secure keypair. Now what? Well if you want to actually use it we need to obtain our public key. Everything from here will be done through the graphical front-end.

  1. Open Terminal, type ‘sudo gpa’, hit ‘enter’. Type in your password yeahIknowwhatyou’rethinking
  2. You’ll be greeted by this beautiful window eNSqF34[1]
  3. Click on the keypair you just created, click ‘Keys’ up at the top, then ‘Export keys…’ reYpsUv[1]
  4. Select where you want it saved, enter a filename, and click ‘Save’
  5. Browse to the location in your file manager, open up that file with a text editor

There’s your public key! Don’t forget to put this on your market profile so people can contact you easier.

Part 4 – Obtaining your private key

If you ever want to switch operating systems or PGP programs, you’ll need to do this. It’s just as easy as obtaining your public key. Make sure you keep this file safe!

  1. Hopefully you still have GPA open. If not, follow step #1 of Part 3
  2. Click on your keypair, click ‘Keys’ up at the top then ‘Backup’ reYpsUv[1]
  3. Select where you want it saved, keep the filename it gives you, and click ‘Save’
  4. A window will pop up, you can back up to a floppy if you’re stuck in the ’80s ucMIWk6[1]

Remember to keep this file safe! Don’t forget your passphrase!

Part 5 – Importing a public key

So you want to buy some dank marijuanas, you’ll need to encrypt your message unless you want LE kicking down your door and putting a boot to your throat. How is this done? Easy!

  1. Obtain the recipients public key, which can hopefully be found on their profile
  2. Copy everything, paste into a text editor, save it somewhere
  3. Up at the top, click ‘Keys’, then ‘Import key…’ reYpsUv[1]
  4. Select the key, then click ‘Open’. You’ll see this window QKWYuU5[1]
  5. We’re done! yFoD0X4[1]

I used some random key found on DDG. Thanks Alan!

Part 6 – Importing a private key

You finally realized that Microsoft/Apple is spying on you, and want to switch to an operating system that respects your right to privacy. How do you bring your key over?

  1. Up at the top, select ‘Keys’, then ‘Import Keys…’ DT815bw[1]
  2. Select your backup, it should have a file extension of .asc
  3. This window will appear q96G5m8[1]
  4. Your key is now imported

I could do this blindfolded!

Part 7 – Encrypting a message

GPA makes this easy as pie. Seriously, if you still can’t do it after following the below steps you shouldn’t be here.

  1. Click ‘Windows’ at the top, then ‘Clipboard’ Rxffusl[1]
  2. This beautiful window will appear BLjxPd0[1]
  3. Type in your message 56KECk8[1]
  4. Click the envelope with the blue key
  5. Select the recipient of the message, sign it with your key if you want, then click ‘Ok’ VGhlx8M[1]
  6. Your encrypted message will now appear in the buffer. Copy everything and send this to the recipient URp5e5a[1]

Part 8 – Decrypting a message

You sent your message, and the vendor responded! Now what? You’ll want to decrypt the message with your public key.

  1. Copy everything the vendor sent you, paste it into the buffer SMpYD1U[1]
  2. Click the envelope at the top with the yellow key
  3. Enter your passphrase Iki22bD[1]
  4. Read your message UyOiGI1[1]

Part 9 – Conclusion

There we have it, an easy to follow PGP guide for Linux with pictures! PGP can be overwhelming at first, but with persistence and the willingness to learn anyone can do it. Hopefully this guide will keep you guys safe on the DNM! I’ll have an OS X guide coming soon, and possibly a Windows guide following that. Any and all constructive feedback is appreciated, as well as suggestions for other guides!


  1. Good to see a decent gpg tut instead of recommending a bad got client like gpg4win.
    It is much better to use terminal to create a key instead of GPA, GPA wont create a 4096 key. but it is a good for key management and message editor, seahorse is also a good pgp client on Linux it will create a 4096 bit key with subkeys, gpg4win or kgpg doesn’t create subkeys with your private key so it’s pretty much useless unless you are hiding stuff on your kid sister.

  2. We need a tutorial about installing multisig on tails/linux!

    There are plenty of tuts about how to use it on deepweb markets, but none of about installing it on tails!

    Please make one!!!

    • mister bickles

      i “second” that…
      and…if i may….
      ‘steganography’ is, also, a good idea for hiding, say, an encrypted email….a tut’ on that would be good too….although i think its reasonably straight-forward, eh?!?
      (uses the “IDEA” encryption algorithm i think, eh?)

    • Skiddo

      You can use Electrum and Coibin. You can read a good tutorial on HANSA market.

  3. I love this is got a whole bunch of materials that are very useful.So with that I just hope u guys keep it up cuz your the shit

  4. You can see how to do encryption and descryption from terminal, in the case you use Live CD with Linux and you don’t want connection with Interent, for security reasons:


    There is subtitle in English and you can make full screen, to see subtitles. author created public and private keys and encrypted/decrypted file in Terminal and then encrypted message with password without gpg.

  5. I just converted to Ubuntu 2 weeks ago.
    got up to step 2 and that it.

    “~$ gpg –gen-key
    gpg: can’t open `–gen-key’
    [email protected]:~$ ”

    is there another way to go about this . i have my pgp keys all set up from when i was on windows. need to re-access them

    • This works on Ubuntu (just did it). That is a typo on the author’s part. Remove his entire line of code (he uses a weirdly encoded dash there, so seriously, remove the whole thing) and type out: gpg –gen-key

      The screenshot he uses shows it being typed correctly.

      • bob

        It looks like the website turns two dashes into one n-dash character. Type it out with two dashes, not the one n-dash. :)

      • Emiel

        Bob I type gpg -gen-key error “Invalid Option”
        I type gpg–gen-key “Command not Found”
        I am using Mint 17

  6. # humbly; a useful password generator perl stub for monkey business

    $_len = shift || 25 ;
    for $i ( 1 .. 10 )
    printf “%.2i => “, $i ;
    for( 1 .. $_len )
    printf “%c”, int(rand(90))+32 ;
    print ” <=\n" ;


    The snippet provided was HARMLESS. Go fuck yourself, you password-hating troglodyte!

  8. although printf() has been known to lag older cpus :(

  9. I “third”

  10. I also would like to have GnuPG with GnuPrivacy under the Tails OS. Does anyone know how to install ‘gpa gnupg2’ using Tails?

    • Jeff North

      Upon Tails boot, add password for admin so you can login as root, type into terminal:

      sudo -i (then enter your pw)
      apt update (wait for it to finish)
      apt install gpa

      gnupg2 is already installed by default.

      Also you’ll need to run…

      gpg –full-generate-key

      This software has been updated so –gen-key only generates 2048 key.

  11. thanks a lot for guide – it helped

  12. Hi,

    Can you give the guide to encrypt and decrypt text file both in command line (and without the passphrase)?


  13. gpg –gen-key
    The following packages were automatically installed and are no longer required:
    linux-headers-3.19.0-23 linux-headers-3.19.0-23-generic
    linux-image-3.19.0-23-generic linux-image-extra-3.19.0-23-generic
    Use ‘apt-get autoremove’ to remove them.
    0 upgraded, 0 newly installed, 0 to remove and 54 not upgraded.
    [email protected]:~$ ‘gpg –gen-key’
    No command ‘‘gpg’ found, did you mean:
    Command ‘kgpg’ from package ‘kgpg’ (universe)
    Command ‘gpg’ from package ‘gnupg’ (main)
    ‘gpg: command not found
    [email protected]:~$ ‘gpg –gen-key
    No command ‘‘gpg’ found, did you mean:
    Command ‘gpg’ from package ‘gnupg’ (main)
    Command ‘kgpg’ from package ‘kgpg’ (universe)
    ‘gpg: command not found
    [email protected]:~$ gpg –gen-key
    gpg: can’t open –gen-key'

    this is what happens on my 15.10 ubuntu
    .....gpg: can't open

  14. gpg –gen-key

  15. Hi,

    I did all of the above and it all worked perfectly at first. Now i see this message-

    ‘The GPGME library returned an unexpected error. The error was: Unsupported Certificate. The is probably a bug in GPA. GPA will now try and recover from this error.’

    Now i cant do anything.

    Any recommendations?

    Thanks in advance

  16. Hi,

    I did all of the above and it all worked perfectly at first. Now i see this message-

    ‘The GPGME library returned an unexpected error. The error was: Unsupported Certificate. The is probably a bug in GPA. GPA will now try and recover from this error.’

    Now i cant do anything.

    Any recommendations?

    Thanks in advance

  17. Yeah,
    just run ‘sudo gpa –disable-x509’ and it will work
    (at least it worked for me)

    • Hi
      I am totally new to this, so please help. I got to the generate key-part, but then I get this:
      gpg: no writable public keyring found: eof
      Key generation failed: eof
      Help, anyone?

  18. when importing a key a public key how do I know which one of them is the one imported?

  19. Hi
    I am totally new to this, so please help. I got to the generate key-part, but then I get this:
    gpg: no writable public keyring found: eof
    Key generation failed: eof
    Help, anyone?

  20. Thank you so much for this. Your explanation is precise and clear. The instructions are logical and it’s all darned good.
    I wish you were my friend. xx

  21. You need to update or change this post. There is a known bug with the gpa gnupg2 on debian.


  22. ~$ pg –gen-key
    pg: –gen-key: No such file or directory

    That’s what I get when I hit enter

    Is there an updated version of this Tutorial? I’m just learning how to use ubuntu and its apps

  23. when you write, at part 8 “you’ll want to decrypt the message with your public key.” isnt’ actually the private key the one you need to decrypt the message?

  24. Rick Johnson

    “Type, without quotes, ‘sudo apt-get install gpa gnupg2’, then hit ‘enter’”….
    My Fedora system doesn’t understand this command. I’m so confused…
    ‘Linux’ != ‘buntu!!!!!! You don’t even mention anywhere that this tutorial is only for Ubuntu-based systems.


  25. I’m using Ubuntu 16.04 when I try to open in terminal sudo gpa I get the following messages

    (gpa:25451): Gtk-WARNING **: Unable to locate theme engine in module_path: “hcengine”,

    gpa:25451): IBUS-WARNING **: The owner of /home/my/.config/ibus/bus is not root!

    Worked at first and then crashed What is wrong?

  26. ThatsNotWhatICallABasicGuide

    Why the fuck is noone saying where to find this PGP terminal ? o_O OMG!

  27. “Unable to locate package gpa” – how to fix it?

  28. Is it unwise to use a personal email address, or does it not matter?

  29. Running Linux Mint 18 (debian based) I cannot seem to create a key: it tells me needs more bytes to create 4096 sized key, and I have created/done more computer activity, but its never enough. (Apparently the key’s randomization is based on extraneous PC activity, right? Well I can never seem to create enough activity.)

    Suggestions? I am not new to the concept, just have never done this before. :)

  30. Hi,
    I tried all the steps but at ‘Part 8 – Decrypting a message’ when I click on the envelope with the key, it does not ask for the pass-phrase. Instead, Gnu Privacy Assistant card manager appears and shows an error message: “error accessing the card.”

    Please help

  31. GPA wont open??? I have create a key but gpa wont open?

  32. Thanks for the really good guide. Just one thing is beyond me: Why in the world are you starting gpa with sudo?

  33. The BEST and complete tutorial ever made!! Thank you so much!!

  34. Deepdotweb, I really need your help on this as I need this up and running urgently. I’ve followed all of your steps however when I run GNU I get the following error:

    ‘It seems that no CMS engine is installed.

    Temporary disabling support for X.509.

    Please install a CMS engine or invoke this program
    with the option –disable-x509 .’

    It still opens and lets me click on everything apart from when I click on on of the keys in the hey manager the program completely closes. PLEASE help. Thank you.

  35. I am newby to this post

  36. My install crashed at the beginning. I typed in “sudo apt-get install gpa gnupg2” and terminal never gave me an opportunity to input my password.

    What went wrong?

  37. My first Key worked as it is meant to be, but then i created six other keys and none of them showed up in GPA. Anyone know how to fix this?

  38. I did everything key generated after rebooting system it won’t save any GPA data or application somebody help me

  39. With the newest version of GnuPG2, the first command of STEP TWO entered should be
    “gpg2 –full-gen-key” , instead of “gpg -gen-key”

  40. I have noticed that when you decryption a message the passphrase is saved in GPA couple min so you can decryption other messages without the passphrase.
    How do you change so the passphrase isn’t saved that long time?

  41. cheers guys,

    I am pretty new to all that stuff and need your help.
    I followed the instructions and managed to build a keypair. After doing so and finding out that it was quite simple I decided to redo the process to change the ID-Data like name and email-adress. I deleted the keypair and started over. But this time it did not generate a keypair but a single key. Now I wonder what went wrong. I deleted the secret key, tried again, same result. What should I do now?

  42. Really nice guide. Thank you so much!

  43. Thanks for this guide, it’s a jewel, I laughed a LOT…. ah, btw, worked for me too!

  44. No it just returns errors, i didnt get asked for the (y) to install. I have read and re read this whole thread many times all night. I dont want to complain and im not as the author has clearly put an lot of effort into making this clear. Also I am no stranger to following cli linux instructions, but i just get no further than the end of stage 1. feelingkinda foolish as I just dont get it. I used to use win2pgp years ago and no longer want to have anything to do with windoze. I found someone who i want to communicate with from long ago but cant encrypt my msg. So i guess i will look for other tutorials. (sorry for sounding like in insolent brat here.. but i suspect you feel my pain). regards tom all. night night

    • I also did not get the (Y), When I type in in terminal gpg –gen-key I am getting this message:
      gpg: WARNING: unsafe permissions on homedir ‘/home/XX/.gnupg’
      gpg: WARNING: no command supplied. Trying to guess what you mean …
      gpg: can’t open ‘–gen-key’

  45. I accidentally published my private key online instead of my public key.

    It was up for about 24 hours before I took it down.

    Of course I will no longer use that key pair, and will make a new one.

    But I would like to know is if the name and email address are coded into the key somehow, and if they can be extracted.

    I expect the answer is negative but I’m not experienced with PGP encryption and I would like to make sure.

  46. Legend for this!

  47. Wow this tutorial was a breath of fresh air this shit has been burning my head out all day it is nice to see a all in one tutorial for once Thanks

  48. When I try to import a public key I get the error message “No keys were found.” How to fix?

  49. When I try importing a public key I get the error message “No keys were found.” How to fix?

Leave a Reply

Your email address will not be published. Required fields are marked *


Captcha: *