Home » Articles » PGP Tutorial For Newbs Gpg4usb
Click Here To Hide Tor

PGP Tutorial For Newbs Gpg4usb

To wrap up the last of the PGP guides we’ll be covering gpg4usb. Gpg4usb is a PGP tool that can be ran off of a USB drive and works on both Windows and GNU/Linux, with OS X support planned. It features a very intuitive user interface, portability so it can be used on multiple devices, and is of course open source. It uses GnuPG as the backend, like most PGP methods. The operating system used in this tutorial will be Linux Mint, but the UI will be the same across GNU/Linux distros and Windows versions.

>>>Add A Layer Of Encryption: Click For The Best VPN Services<<<

Please keep in mind that not all versions of PGP are created equally, some PGP programs use an insecure or unsafe version of PGP that could comprimise the encrypted message. Others — namely PGP4Win, Kleopatra, and GPA – use depreciated versions of GnuPG. This means that they aren’t up to date with the latest version of GnuPG or meet modern PGP standards. This can be dagerous as, for example, Kleopatra doesn’t generate subkeys. Subkeys are important as they can be revoked to minimize damage from a comprimised key. You’ll also want to keep in mind not to use online PGP methods like iGolder. You don’t own the keys, so you can’t be 100% sure they aren’t encrypting/decrypting messages that are meant for your eyes only.

Why use gpg4usb over other PGP methods?

  1. gpg4usb creates RSA keys with an encryption subkey and a master key. Your master key is used for signing other keys, creating subkeys, and revoking subkeys. Having subkeys is very important since if it becomes compromised, you can revoke it with the master key and create a new secure subkey.
  1. Like stated above, gpg4usb is cross-platform. If you decide to switch from Windows to GNU/Linux you can still have the same keys and a familiar interface to work with. With OS X support planned this only gives another reason why you should use gpg4usb over other programs.
  1. gpg4usb is portable. This means that you can bring your keys and PGP program with you wherever you go without needing to import your keys into another program. If you plan on doing this though it’s a good idea to encrypt you USB drive. This page over at the ArchLinux wiki explains how you can do this on GNU/Linux any why you should encrypt your USB drive, or read this page if you’re using a Windows computer.
  1. The interface for gpg4usb is the most intuitive out of all other PGP front-ends. The UI is laid out in an easy to understand manner and options are clearly defined.
  1. You can encrypt messages created in gpg4usb with multiple keys. This means that you can have multiple recipients for a message, and you can even encrypt it with your own key. Nobody decrypting a message encrypted with multiple keys can see that it was meant for anyone other than them. This is good if you get scammed on the DNM since you can now have proof to back up any claims you have.

Part 1 – Installing the software

Since gpg4usb is a portable program, it’s not really installed per se. It’s a bunch of files that will be extracted from a .zip archive, and copied onto the USB drive. Head on over to the gpg4usb website and click on the green download button, and save the file. If you want to check out the source code you can visit their development page here.

Note: gpg4usb will not run on GNU/Linux distributions on USB drives formatted as FAT. If you’re only using it on GNU/Linux operating systems then ext4 would be best, otherwise format it to NTFS.

g4u02

After the download has finished open up the .zip file with your archive manager of choice, you should be able to just double-click on it. You should see a folder named ‘gpg4win’, with all the files needed contained within that folder. Copy that folder over to your USB drive, open it, and it should look similar to the below picture.

g4u03

That was pretty simple right? Check out the README file if you want to know more about gpg4usb. To open it, all you have to do is double-click ‘start_windows.exe’ if you’re on Windows, or ‘start_linux_xxbit’ where ‘xx’ is your CPU architecture. For the majority of users this will be the 64bit version.

Part 2 – Generating your keypair

This is the very first thing you should do. Without your own keypair, it will be impossible to receive and decrypt messages. Open up gpg4usb and you’ll be greeted by the ‘First Start Wizard’. This will walk you through the steps of creating your keypair.

g4u04

Choose your language then click ‘Next’. It will now ask you if you want to create a new keypair, import keys from GnuPG, or import settings/keys from an older version of gng4usb. Click on ‘create a new keypair’, then click the button that says ‘Create New Key’. You should see a window with the title ‘Generate Key’. Fill out the information, fill out a fake email if you don’t want to use one, select if you want it to expire or not, choose the KeySize, then create a strong password. A 2048 bit keypair will do fine until 2030, but it’s recommended to use a 4096 bit key. If you want to know more about how the keysize affects your security, check out this link over at the GnuPG website.

If filled out correctly your window should look something similar to below.

g4u05

You can now click ‘Ok’, and your keypair will be generated. This may take some time depending on what you’re doing on your computer. Watch some porn, torrent some GNU/Linux ISOs, type up that essay you were supposed to have done last week. If all went well a window will pop up saying your keypair has been created.

g4u06

You can now close out of the wizard, and select if you want to see the offline help or show the wizard again next time you start up. You’ll be brought to the main gpg4usb window and will see your keypair on the right, along with gpg4usb’s keypair.

g4u07

Part 3 – Obtaining your public key

To receive messages you’ll need your public key posted somewhere. This is really easy in gpg4usb as you don’t need to save it to a file first.

With gpg4usb open, click ‘Manage Keys’ at the top. A window titles ‘Keymanagement’ should appear. Check off the box beside your keypair name, and click ‘Export to Clipboard’ at the top. You can now paste your public key somewhere people can access it so they can send you messages. If you want a backup of your public key you can also click ‘Export To File’ and save it somewhere.

g4u08

Part 4 – Obtaining your private key

It’s a good idea to back up your private key somewhere safe in case of computer failure. Although rare, things do happen and you don’t want to be stuck not being able to decrypt that very important message your mother sent you.

From the main window right click on your key on the right, and click ‘Show Key Details’.

g4u09

From here you can see the details of your key, it’s fingerprint, and export your private key. Click the button that says ‘Export Private Key’ and it will warn you that this is sensitive information that is not to be shared. Select somewhere to save it and keep the filename it gives. A good idea is to save it to a microSD card and hide it somewhere. You don’t want anyone other than you to get a hold of your private key.

Again, it is very important that you keep this file somewhere secure.

Part 5 – Importing a public key

gpg4win makes this just as easy as exporting your public key. Highlight everything in the public key, including ‘—– BEGIN PGP PUBLIC KEY BLOCK—–‘ and ‘—– END PGP PUBLIC KEY BLOCK’, and copy it. In the main gpg4usb window click ‘Import Key’ at the top, then ‘Clipboard’. You’ll see a window pop up with the imported key’s details.

g4u10

Close out of the window and you’ll see the public key has been imported.

Part 6 – Importing a private key

This is just as easy as importing a public key. In the main gpg4usb window click ‘Import Key’, then ‘File’. Browse to where you saved your private key and open it. You should see a window pop up confirming that it’s been imported. Click ‘Ok’ and you’ll see your keypair in the right part of gpg4win.

g4u11

Part 7 – Encrypting a message

Encrypting a message in gpg4usb is super simple. In the main window for gpg4usb there will be a text box. Type in your message, click the checkbox for the recipient on the right, and click ‘Encrypt’ up at the top. Your encrypted message will now take the place of the unencrypted one. Copy and paste this and send it to the recipient.

g4u12

Part 8 – Decrypting a message

Once again, gpg4usb makes this really easy. Just paste the message you received into the textbox and click ‘Decrypt’ up at the top. Enter your password and your decrypted message will take the place of the encrypted one.

g4u13

Part 9 – Conclusion

If you’ve followed the above steps and understood each one you’re on your way to increased privacy in a world that wants to invade it. PGP can seem complicated at first, but once you learn it you’ll laugh at yourself for thinking it was so hard. Even if you still think it’s complicated or a waste of time, just keep in mind that taking an extra 60 seconds out of your day could possible save you from serving 5+ years in prison.

25 comments

  1. total BS!
    won’t work/unpack/execute on Ubuntu!

    • It does work on Ubuntu, I use it regularly on Ubuntu 14.04

      • mister bickles

        OK..i’ll re-try….

        (might have some-thing to do with the USB stick….they can be a bit dodgy!….should it be formatted as FAT-32 or NTFS ?)

        ta!

        • Yes running from a USB can cause problems but it doesn’t have to be run from USB, you can use it from a folder and put any encrypted text or keys on the USB.

          • mister bickles

            couldn’t get the “linux” options to work;

            the inter-active GUI window never popped up :(
            (instead…..wanted to open with “python” or some-thing)

            i gave up trying in the end!

            might post on the Ubuntu Forums abt it;

            works fine in Windows;

            i think i’ll just stick with that for now….

          • Jellybean

            I had problems with the permissions of the file on a USB, it wouldn’t start it on a USB for that reason I don’t know a way round that so I use it from a folder and then use secure delete(nautilus) to delete and write over any files I decrypted. If you’re using Ubuntu it might be better using Seahorse, it can be added to the file menu so you get an option to encrypt/decrypt when you right click on a file, I use that with nautilus and nemo but I’ve only seen secure delete for nautilus.

        • FAQ
          gpg4usb does not run from usb flash drive on linux

          Current linux distributions don’t allow running from usb flash drive formmated with FAT

  2. It works fine for me on Xubuntu. Using it for quite while. I agree it is the GPG Software with the most intuitive interface.

  3. Hi, thanks for the manual.
    But you say “GPG4Win, Kleopatra, and GPA use depreciated versions of GnuPG”.
    gpg4usb uses GnuPG 1.4.18 and Gpg4win uses version 2.0.27.

    • Jellybean

      GnuPG version 1 and version 2 are totally different, the problem with GPG4Win is the keys it creates, you can use it with a key created on GPG4USB or Seahorse and it should be better.
      GPG4Win(Kleopatra) creates keys with no sub key and can create broken key, GPA will not create a 4096 bit key.

  4. Thank you so much, got me up and running straight away :-)

  5. Might I suggest using KGpg for Ubuntu. You can find info on it here: http://packages.ubuntu.com/kgpg

    It is much better than Seahorse.

  6. I am a complete noob to encryption and I found this very useful
    My one question is as follows:

    So I’ve encrypted a message and want to send it to someone. How do they decrypt it on their end? Surely I have to give them the key, at which point the whole effort is pointless if the data is intercepted…

  7. Why do I need a private key? I have a public key so that people can send me encrypted messages, but what is the purpose of a private key?

    • The keys are a called a key pair, as they are created in a way that links them together mathematically. What is encrypted with your public key can only be decrypted with your private key. Your private key can be used to sign a message, and then people can use your public key to verify that the message actually came from you.

      You want to make the public key widely available, so anyone can reach you and anyone verify that important messages are actually from you. You want to keep the private key secure and known only to you, so that only you can read messages sent to you, and so that no one can publicly impersonate you.

  8. i just click box on market vendors profile…is this not enough…will vendor still send to me? 1st order

  9. I can’t get this to work on my mac- OS X Yosemite. Wondering if anyone could help? Thanks

  10. The AlphaBay Market has determined the public key I created is “invalid” despite following the tutorial to a T. Did I do something wrong? Any help would be appreciated.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *