Pretty Good Privacy (PGP) is an encryption program that is used for signing, encrypting, and decrypting texts, emails, files, and the likes. It's incredibly powerful and incredibly widespread.
After installing gpg, setting up your own key is simple.
The first key is your private or 'secret' key. Keep this key safe. Don't share it with anyone. The second key is your public key, which you should make public and share with as many people as you can.
My public PGP key is here
Your public key can be used to encrypt messages. Your private key can then be used to decrypt those messages. Very simple. Very effective.
This system can be used for another party to securely send messages or files to you.
# List public keys gpg --list-keys # Import to keyring gpg --import someone.asc # Export someone's key gpg --export --armor > file # Encrypts a file for a recipient gpg --encrypt --recipient [email protected] file.txt # Encrypts and signs the message with author's private key gpg --encrypt --sign --recipient [email protected] file.txt # Decrypt gpg --decrypt file.gpg
• "Signing PGP Keys", carouth.com
• "How To Use GPG to Encrypt and Sign Messages", fedingo.com
• "Key Signing Party", Wikipedia.org
• "PGP Web of Trust: Core Concepts Behind Trusted Communication" - Konstantin Ryabitsev, Linux.com
• "Asymmetric Algorithms", Cryptography.io