User:Tim Starling/Gpg4win tutorial


Gpg4win is a package of open source utilities for key management, encryption and decryption. It can be used for email encryption in conjunction with web-based email or any other email client.

This tutorial can be moved to the Wikipedia namespace if that is deemed appropriate.

Installation

Key generation

  • Start "Kleopatra"
  • Click File > New Certificate > Create a personal OpenPGP key pair
  • Enter your name and email address, leave the comment blank. Note that the email address you give will be made public.
  • Click Next
  • Click "Create key"
  • Enter a passphrase. This will be used to encrypt the private key on your hard drive.

Publish public key

  • In the main window, right-click on the key you just generated and click "Export certificates".
  • Save it somewhere on your hard drive with a .txt extension.
  • Open the file in notepad or another text editor.
  • The key should start with
-----BEGIN PGP PUBLIC KEY BLOCK-----

Note that it says PUBLIC. If it says "private", you did something wrong. Don't publish your private key.

  • Paste the text from the file into Wikipedia while you are logged in, say as a user subpage, or in an HTML comment or collapsed box on your user page (e.g. by enclosing it in {{PGP top}}/{{PGP bottom}}).

Receiving encrypted email

An encrypted message looks like this:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.10 (GNU/Linux)

hQIOA5iUCyMfX/D2EAgAhikRs40xo05gNu9XSIO2jrjTIShwfWK2d7+9xlv9UjDN
...
-----END PGP MESSAGE-----

  • Copy the message including the BEGIN line and the END line. You can omit anything outside those lines, such as advertisements.
  • Paste it into notepad. Save it to a file.
  • In Kleopatra, click "Decrypt/Verify Files" in the toolbar.
  • Select the encrypted message file that you just saved.
  • Click "Decrypt/Verify"
  • If everything worked, a file should have been created in the directory you selected, containing the decrypted message.
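
The two checks this tutorial asks you to make by eye (an exported key must say PUBLIC, and a pasted message runs from the BEGIN line to the END line with everything outside ignored) can also be scripted. The Python below is an added example, not part of the original tutorial or of Gpg4win: it pulls armored blocks out of pasted text, verifies the CRC-24 armor checksum when one is present, and reads the first packet tag so that a secret key mislabelled as PUBLIC is still caught. The function names and the sample text are constructed for illustration.

```python
import base64
import re
# One ASCII-armored block; group 1 is the label after "BEGIN PGP ".
ARMOR_RE = re.compile(
    r"-----BEGIN PGP ([A-Z ]+)-----\r?\n(.*?)\r?\n-----END PGP \1-----", re.DOTALL)
SECRET_TAGS = {5, 7}  # OpenPGP packet tags: secret key, secret subkey
# Constructed sample: a pasted mail with text outside the armor lines.
SAMPLE = ("Hi, my key is below.\n-----BEGIN PGP PUBLIC KEY BLOCK-----\n\nmQAB\n"
          "-----END PGP PUBLIC KEY BLOCK-----\nSent from my phone\n")

def crc24(data: bytes) -> int:
    """Armor checksum (CRC-24) as specified in RFC 4880, section 6.1."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor_blocks(text: str):
    """Return [(label, first_packet_tag, checksum_ok)] for each block in text.
    checksum_ok is None when the block has no "=XXXX" checksum line."""
    found = []
    for label, body in ARMOR_RE.findall(text):
        lines = [ln.strip() for ln in body.splitlines()]
        if "" in lines:  # armor headers such as "Version:" end at a blank line
            lines = lines[lines.index("") + 1:]
        sums = [ln for ln in lines if ln.startswith("=")]
        data = base64.b64decode("".join(ln for ln in lines if ln not in sums))
        if not data:
            continue
        want = int.from_bytes(base64.b64decode(sums[0][1:]), "big") if sums else None
        ok = (crc24(data) == want) if sums else None
        # Packet header byte: bit 6 set means new format, otherwise old format.
        tag = data[0] & 0x3F if data[0] & 0x40 else (data[0] >> 2) & 0x0F
        found.append((label, tag, ok))
    return found

def safe_to_publish(text: str) -> bool:
    """Every block is labelled PUBLIC, is not a secret key, and has no bad checksum."""
    blocks = armor_blocks(text)
    return bool(blocks) and all(
        label == "PUBLIC KEY BLOCK" and tag not in SECRET_TAGS and ok is not False
        for label, tag, ok in blocks)

if __name__ == "__main__":
    print(armor_blocks(SAMPLE), safe_to_publish(SAMPLE))
```

A failed checksum usually means the block was truncated or altered while being copied, so copy it again from the source before trying to decrypt or import it.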

Importing a public key

  • Go to the user's user page, find their key.
  • Go to the page history, find the revision where the key was added. Make sure the correct user added it.
  • Go to the old revision.
  • Copy the key out of the old revision, paste it into a text file using notepad.
  • Save it to a file, with extension ".gpg". This may be difficult if you have Windows configured to hide file extensions.
  • In Kleopatra, click File > Import Certificates
  • Choose the .gpg file you saved.
  • Click "OK" when it tells you the import was successful.

Sending encrypted email

  • Save the text you want to send in a text file, say using notepad
  • In Kleopatra, click "Sign/Encrypt Files"
  • Select the file with the message you want to send
  • Uncheck "Archive file with..."
  • Check "Text output (ASCII armor)"
  • Click Next
  • Click on your own certificate, click "Add". Then click the certificate of the person you want to send the message to, and click "Add" again.
  • Click Next
  • Under "OpenPGP Signing Certificate", select your own certificate, if it's not selected already.
  • Click "Sign and Encrypt".
  • A file will be created which contains the text you need to send. Open the file and paste it into an email.
  • Note that the subject line of the email is not encrypted. Don't put private information in the subject line.