How to install and use GPG Suite to encrypt email with Apple Mail

When you're on your Mac and you need to email sensitive information, don't let a lack of tools get in your way. Here's how the GPG Suite can make encrypting email easy in Apple Mail.

In today's world, security and privacy are key. You have business and personal information you need to transmit or share, and doing so without first encrypting said information is a risk. If you use a Linux machine, working with various encryption tools is incredibly simple. You can install the likes of OpenPGP from the standard repositories and easily use it from the command line or from within apps like Thunderbird.

But what if macOS is your platform of choice? What do you do? You have a few options, one of which is to install the GPG Suite of tools. This particular software will install GPGMail (an open source plugin for Apple Mail), GPG Keychain (an open source application for macOS that allows you to manage OpenPGP keys), GPG Services (a plugin that brings GPG to nearly any Mac application), and MacGPG (the underlying engine for the GPG Suite). I'm going to show you how you can get this open source app installed and use it with the likes of Apple Mail.

I will be demonstrating on macOS High Sierra.

Install the GPG Suite

The first thing you must do is download and install the GPG Suite. Once you've downloaded the file, double-click on the download to mount the image. In the resulting popup (Figure A), double-click on Install and walk through the installation wizard.

Figure A

Figure A

Installing the GPG Suite on a Macbook Pro with High Sierra.

Once installed, move the GPG Suite installer file to the trash and eject the desktop icon for the mounted image.

SEE: Electronic communication policy (Tech Pro Research)

Generating your key

As soon as the installation is complete, and you've moved the installer file to the trash, GPG will open, waiting for you to enter the necessary information to generate your GPG key pair (Figure B).

Figure B

Figure B

Generating your first GPG key.

Enter the required information and then click Advanced options. In this section, you can select your key type/length, add a comment, and change the expiration date. If you want your key to be permanent, uncheck Key expires, and click Generate Key. You will be instructed to work on your machine (typing, clicking, etc.) to generate entropy. Do this until you are prompted to upload your public key to the default GPG keyservers. If you don't want to make this public key available for anyone to download, click No, Thanks!, and you're ready to continue. If you want to make it easier for people to add your public key to systems (so they can send you encrypted email), okay the upload.

SEE: Boost your Mac productivity with these 10 techniques (free PDF) (TechRepublic)

Signing and encrypting email

One of the reasons why I opt to use the GPG Suite on Mac is because it integrates seamlessly with Apple Mail. There is no need to manually encrypt/decrypt email, using keyboard shortcuts. However, in order to encrypt an email to a contact, you will have to import their public key into GPG. To do this, either have them send their public key to you or download it from one of the many public keyservers (if that's an option for your contact). Once you have the file on your drive, open GPG, click Import, locate the downloaded file, and click Open. The public key will then be imported into GPG and is ready to use.

With the public key in place, open up Apple Mail and compose an email to the contact. You should see three new objects in the window (Figure C).

Figure C

Figure C

The Apple Mail compose window with a fresh new look.

Make sure OpenPGP is selected in the green drop-down. Compose the message as you normally would, and then click either (or both) the Sign and Encrypt buttons to the right of the Subject line. When you click Send, you will be prompted for the GPG password you created when you generated your keypair. Type that and click OK. Your email will be sent, fully encrypted, thanks to GPG.

One note on sending the email. I would suggest unchecking the box for Save in Keychain. If you allow the password to be saved in your keychain, anyone that has access to your machine could then send an encrypted email from you. To that end, do not save your GPG password in the keychain.

You're GPG good to go

And that's all there is to using GPG with Apple Mail. You can now easily send encrypted mail to contacts with associated public GPG keys, and decrypt incoming mail from contacts that have your GPG public key. It's easy, secure, and reliable. Let your Mac and the GPG Suite prevent your sensitive information from falling into the wrong hands.

Also see

Image: Jack Wallen

About Jack Wallen

Jack Wallen is an award-winning writer for TechRepublic and He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website

Editor's Picks

Free Newsletters, In your Inbox