- What Is PGP? GPG?
- Why Should You Care?
- Is GPG Hard to Use?
- Does It Work with Other Crypto Programs?
- Where Can You Find GPG?
- How Does It Work?
- How to Install It
- How to Use It
- Generate Your Key
- Export Your Key
- Key Management Window
- Importing a Key via the Clipboard
- Importing a Key from the Key Server Network
- Open the GPG Text Editor
- Right-Click Menu
- File Encryption/Decryption
- Possible Legal Hazards
Why Should You Care?
Do you put your confidential personal information such as credit card numbers or business trade secrets or the things about your love life you do NOT post on your LJ on snail-mailed postcards?
If you put this kind of information into e-mail, the risk is the same.
Crypto means not having to trust the employees or the computer security with your confidential information at any of what might be dozens of relay points between your workstation and that of your recipient.
If you make online purchases, you’re already a crypto user. That padlock icon appearing on your Web browser on the "secure" Web page in which you enter credit card billing information means the same as the GPG padlock icon on your desktop—it means crypto. On a secure page, all information in both directions is encrypted under control of the e-commerce server.
The people who handle your online money know better than to trust the security of other people’s Internet servers. This is a good example to follow, and you can use crypto under your own control to do this.
The electronic signature for "plain text" (including formatted word processor, spreadsheet, and so on) documents is also a useful feature. How can you prove that a document was signed by the person signing it or that it’s been altered? A true digital signature is easy to apply and can easily be authenticated by point-and-click without hiring the document experts required to verify the contents of paper. I use digitally signed contracts for business purposes whenever I can.
Here is an example of a GPG-signed document:
<pre> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 this is a test -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFDZX6ap8FQlOPvRacRAgj0AJ4+QjdL4PzA96mYnV2MynnPkFTnIQCgjmxj 1XVSOL8CsFtnDdtqksQjxT0= =HHES -----END PGP SIGNATURE----- </pre>
As a Linux user, crypto under your control that’s good enough to stop anyone short of a top-flight national intelligence agency is probably part of the default installation of your Linux distribution. If not, it can easily be downloaded and installed.