GnuPGP or GPG (Gnu Privacy Guard) is a computer program that implements the OpenGPG standard; an open source alternative to the PGP commercial product.

The core package for GnuPGP gnupg is installed by default on Ubuntu.  This quick start guide will discuss about performing file encryption with GPG.

Generating a Key

Type the following command:

$ gpg --gen-key

After executing the command you will be prompt with the following:

Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)

Enter option 1 to allow encryption and decryption.

What keysize do you want? (2048)

Enter 2048 which is the default recommended by GnuPGP

Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years

Enter 0 so that there is no expiration date for the key.

Next you will need to enter your user information.

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) "

Enter your “Real name”, “Email address”, and “Comment” is optional.

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?

Confirm your information by entering O, and the key generation will begin.

Enter passphrase:

Next you will need to enter a passphrase; remember that if you forget your passphase then your key will be useless.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
+++++.++++++++++.++++++++++.+++++++++++++++++++++++++.+++++++++++++++.+++++++++++++++...+++++.+++++++++++++++++++++++++++++++++++++++++++++>++++++++++>.+++++............................................................................+++++

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy! (Need 283 more bytes)

During the key generation follow the instruction mentioned above and wait patiently for your key to complete generating.

When the key has completed generating the following summary will be prompted:

gpg: key 2DFD492E marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   1024D/2DFD492E 2009-10-14
Key fingerprint = FCAC 0686 401B A333 546E  F081 0459 61E9 2DED 490C
uid                  Vincent Kong <vkong@myemail.com>
sub   2048g/457534BF 2009-10-14

The new generated key ID is 2DFD492E

Listing the keys

$ gpg --list-keys

Importing a Public Key

$ gpg --import KEYFILE

Encrypting a File

To encrypt a file for another user, the encryption must be done with their public key, which needs to be imported first.

$ gpg --output ENCRYPTED_FILE.gpg --encrypt --recipient USER_PUBLIC_KEY_ID ORIGINAL_FILE

Decrypting a File

If a user sent you a file that has been encrypted with your public key, it can be decrypted with the following:

$ gpg --decrypt ENCRYPTED_FILE.gpg

Exporting Your Public Key

$ gpg --armor --export KEY_ID

Signing a Public Key

In GnuPG, if you get an error saying There is no assurance this key belongs to the named user when trying to encrypt, you need to sign the public key.

$ gpg --sign-key PUBLIC_KEY_ID

Edit a Key

$ gpg --edit-key KEY_ID

Information associated to KEY_ID will be displayed followed by the Command> prompt; type help to display the list of command which can be used to modify the key

A detailed how-to guide about GnuPGP can be found here.

Related posts:

1. Samba on Ubuntu Quickstart Guide
2. MySQL for Ubuntu Quickstart Guide
3. WordPress Quickstart Guide