What This Page Explains

It is pretty simple really. If you don't already have the gpg program, then install it. If you don't already have Thomas's public key then download that. Then just run a single command to encrypt a file before sending it.

GNU has people use a key name that they call a "fingerprint" to indirectly refer to a key. This is probably because keys can be very long. So to download a key, a person first gets the fingerprint, then uses the fingerprint to download the key. There is nothing more to it than that.

Install gpg

https://gnupg.org/download/.

After it is installed you may check that if it is working by going to a command prompt and asking gpg to tell you what version it is.

> gpg --version
gpg (GnuPG) <version number>
Get The Fingerprint

The easiest way to get the finger print is to just cut and paste this:

D93BA438779B2A5FCC2388B9EC1217840821A535
My fingerprint may also be found by searching for my email address on this site:
https://keys.openpgp.org 
The search result will have the form:
https://keys ...fingerprint/<fingerprint>
The part after the last slash being the fingerprint.

If you have a different email address for me, you can search the keyserver to get a correpsonding fingerprint for it. Even if you use the email address published on this website, it is still prudent to check that the fingerprint matches the one on the keyserver.

Download My Public Key

The documentation also calls downloading the key importing it, or receiving it. To download/import/receive the key type this command:

> gpg --keyserver keys.openpgp.org --recv-keys <fingerprint>
Prepare Your Data Files For Encryption

Put your files into a folder, then zip the folder. If you only have one data file to send you may zip it directly. For sake of discussion, let us say the result is a file called data.zip.

Encrypt The File

1. This command will create the encrypted file with the name d.gpg.
> gpg -o d.gpg -ear [email protected] data.zip
2. Send an email while attaching the file d.gpg. We are done!
Notes

gpg only encrypts the data, it does not add identity info. Please tell me who you are in the email or within the confidential documents.

The name d.gpg appears on the email as the name of the attachment. Apart from that consideration, give it any name and extension that your mailer will accept. You might also try the '.bmp' or the '.tiff' extensions.

Disclaimer

The gpg software is without warranty. If you are handling a document that carries liability, be sure to check the 'see also' links and to know what you are doing. I apologize, but I don't take any responsibility for what happens when you follow these directions.

Copyright © 2008 - 2022 Thomas Walker Lynch. All rights reserved.