If you’re like other paranoid, overly caffeinated, highly intelligent IT professionals, you know that “they” are watching. No matter what you do or say…or type! For that reason, you need encryption and you need it fast! In most cases, within a Windows environment, you would use Pretty Good Privacy (PGP). But did you know that the Free Software Foundation has a version of GnuPG that works on Windows?
Well, it sure does, and I’m going to show you the basics of using this outstanding encryption application.
Getting and installing
It’s actually unfair to call it “installing” because there’s so little to do. Simply download the latest stable binary (as of this writing, it’s 1.0.6), create a GnuPG directory within C:, and unzip the file into the new directory. Inside this new directory, there will be an executable file called gpg.exe; copy this file into the WINNT directory and you’re ready to go.
The first thing you will need to do is run gpg and have it create the necessary files. To do this, open up a command prompt (from Start | Run, enter cmd and press [Enter]) and enter:
Then answer the questions presented (the defaults are always good). Once you’ve accepted the defaults, you’ll have to enter your name and e-mail address, select (O)kay, enter a passphrase (this is very important to remember), and then wait for the key to generate. Now you are ready to encrypt!
The process for encrypting a message (or file) is simple. We are going to run an example file called testpgp that is to become an e-mail. Here’s the step-by-step process:
- · Open your favorite text editor.
- · Enter some text into this file.
- · Save the file as testpgp.txt.
- · From the command prompt, run the command gpg -ae testpgp.
- · When prompted, enter the user ID you created for yourself.
- · Take a look at the newly created file, testpgp.asc. It will look something like this.
What you talkin’ ’bout, Willis? Don’t worry; it’s just our testpgp.txt file all encrypted and wrapped with a pretty pink bow! The size of the file will dictate how large the encrypted file will be. For instance, the above PGP MESSAGE is a file with the single word test encrypted.
What can you do with this text? Quite a lot. One of the options I prefer is copying it directly into e-mail and sending it on. The recipient will have my key and will be able to decrypt that message.
Decrypting a message
Consider our example. To decrypt this message, we simply have to run the command gpg testpgp.asc and enter our passphrase when prompted. After the decrypting is finished, you’ll have the testpgp file back in place. (Actually, it never went anywhere; it was simply overwritten.)
Adding a key
Adding a key is a very simple operation. When a user sends you a key (in ASCII), save it to your hard drive (I put them in C:\ temporarily), open a command prompt, run the command gpg –import key_name, and the key will be imported into the proper directory.
In the above command, where it says key_name, you will enter the name that you gave the user’s key when you saved it.
Now when you encrypt a message intended for that user, you will enter his or her username when prompted and the file will be encrypted so that only that user can read the file.
We’re all passing sensitive information back and forth on a day-to-day basis and the ability to encrypt that information (or e-mail, or files) can often lift a world of worry from your chest.
For more information on how to use the gpg command, take a look at the GnuPG documentation, which will show you a more in-depth look at how this application is used.