User:Tim Starling/Gpg4win tutorial

Gpg4win is a package of open source utilities for key management, encryption and decryption. It can be used for email encryption in conjunction with web-based email or any other email client.

This tutorial can be moved to the Wikipedia namespace if that is deemed appropriate.

Installation

 * Go to http://www.gpg4win.org/download.html
 * Download the full version
 * Run the file and follow the prompts to install it

Key generation

 * Start "Kleopatra"
 * Click File > New Certificate > Create a personal OpenPGP key pair
 * Enter your name and email address, leave the comment blank. Note that the email address you give will be made public.
 * Click Next
 * Click "Create key"
 * Enter a passphrase. This will be used to encrypt the private key on your hard drive.

Publish public key

 * In the main window, right-click on the key you just generated and click "Export certificates".
 * Save it somewhere on your hard drive with a .txt extension.
 * Open the file in notepad or whatever.
 * The key should start with

-BEGIN PGP PUBLIC KEY BLOCK-

Note that it says PUBLIC. If it says "private", you did something wrong. Don't publish your private key.


 * Paste the text from the file into Wikipedia while you are logged in, say as a user subpage, or in an HTML comment or collapsed box on your user page (e.g. by enclosing it PGP top/PGP bottom).

Receiving encrypted email
An encrypted message looks like this:

-BEGIN PGP MESSAGE- Version: GnuPG v1.4.10 (GNU/Linux)

hQIOA5iUCyMfX/D2EAgAhikRs40xo05gNu9XSIO2jrjTIShwfWK2d7+9xlv9UjDN ... -END PGP MESSAGE-


 * Copy the message including the BEGIN line and the END line. You can omit anything outside those lines, such as advertisements.
 * Paste it into notepad. Save it to a file.
 * In Kleopatra, click "Decrypt/Verify Files" in the toolbar.
 * Select the encrypted message file that you just saved.
 * Click "Decrypt/Verify"
 * If everything worked, a file should have been created in the directory you selected, containing the decrypted message.

Importing a public key

 * Go to the user's user page, find their key.
 * Go to the page history, find the revision where the key was added. Make sure the correct user added it.
 * Go to the old revision.
 * Copy the key out of the old revision, paste it into a text file using notepad.
 * Save it to a file, with extension ".gpg". This may be difficult if you have Windows configured to hide file extensions.
 * In Kleopatra, click File > Import Certificates
 * Choose the .gpg file you saved.
 * Click "OK" when it tells you the import was successful.

Sending encrypted email

 * Save the text you want to send in a text file, say using notepad
 * In Kleopatra, click "Sign/Encrypt Files"
 * Select the file with the message you want to send
 * Uncheck "Archive file with..."
 * Check "Text output (ASCII armor)"
 * Click Next
 * Click on your own certificate, click "Add". Then click the certificate of the person you want to send the message to, and click "Add" again.
 * Click Next
 * Under "OpenPGP Signing Certificate", select your own certificate, if it's not selected already.
 * Click "Sign and Encrypt".
 * A file will be created which contains the text you need to send. Open the file and paste it into an email.
 * Note that the subject line of the email is not encrypted. Don't put private information in the subject line.