PGP/GPG Guide

A while back I started writing some introductory guides to using GNU Privacy Guard otherwise know as GPG. Seeing as how it is the most relevant implementation of the standards named after the commercial PGP software, I tend to use then interchangeably though favoring GPG as the shorthand name for all of this stuff. Without further delay here are some guides I've written as blog posts that can help you get started on the path to actually being a person in the internet age.

The Basics

Getting Started with GPG

This post covers where you can get GPG and what kind of key pair you should generate as well as introducing a few tasks you should master before getting ready to spread your public key around.

Private Pains: Explaining a GPG Homework Assignment

Continuing from where the previous post left off covers explicitly the list of tasks you should get a handle on before using GPG seriously, and why they are important. This covers why keeping your private keys safe and private is so important.

Geany a GUI text editor for GPG tasks

I know Thunderbird with Enigmail is the popular tool to push people who want to use GPG in a friendly graphical environment towards. There are plenty of guides out there for that already. Instead I offer some thing simpler. A text editor, with spell check, that can handle cipher-text encryption, decryption, signing, and verification simply.

More Stuff

A Cool New Toy for Public Keys

I wrote this up when No Such lAbs introduced their public key evaluation tool the Phuctor. I recommend feeding this beast more public keys. The more it consumes the better it gets.

Theoretical versus Actual Security

I introduce a theoretically perfect encryption scheme that predates modern public key encryption and mention some shortcomings that lead actual implementations to be far from perfect.

Combing Tools Poorly

Even if you use GPG, using it with the wrong tools or the wrong work flow can undermine your intention to protect your communications.

Other notes

When registering to Freenode to participate in the Bitcoin Web of Trust make sure to secure your name with nickserv after registering. The line:

/msg NickServ SET ENFORCE ON

Can go a long way to preventing headaches and imposters.