Sign up
+# Enter the following keysize: 4096 for a strong key.
# Choose the expiration date; we suggest 2y (2 years).
Follow the prompts to continue setting up with your personal details.
+ Depending on your version of GPG, you may need to use
+--gen-key instead of code>--full-generate-key.
Set your passphrase
On the screen titled "Passphrase," pick a strong password! You can @@ -341,6 +753,16 @@ If GnuPG is not installed, it will bring up the following result on most GNU/Lin Command 'gpg' not found, but can be installed with: sudo apt install gnupg. Follow that command and install the program. +
+
sudo apt update+
sudo apt install gnupg2+
gpg2 --full-generate-key+If this resolved the issue, you need to continue to use the gpg2 identifier instead of gpg throughout the following steps of the guide. +
Depending on your version of GPG, you may need to use
+--gen-key instead of code>--full-generate-key.
Upload your key to a keyserver
We will upload your key to a keyserver, so if someone wants to send you an encrypted message, they can download your public key from the Internet. There are multiple keyservers -that you can select from the menu when you upload, but they are all copies -of each other, so it doesn't matter which one you use. However, it sometimes -takes a few hours for them to match each other when a new key is uploaded.
+that you can select from the menu when you upload, but they are mostly all copies +of each other. Any server will work, but it's good to remember which one you uploaded your key to originally. Also keep in mind, sometimes takes a few hours for them to match each other when a new key is uploaded.# Copy your keyID: gpg --list-key [your@email] will list your public ("pub") key information, including your keyID, which is a unique list of numbers and letters. Copy this keyID, so you can use it in the following command.
# Upload your key to a server:
gpg --send-key [keyID]
Troubleshooting
-
+
- Sending my key to the keyserver is not working +
- Instead of using the general command to upload your key to the keyserver, you can use a more specific command and add the keyserver to your command
gpg --keyserver keys.openpgp.org --send-key [keyID].
+
- My key doesn't seem to be working or I get a "permission denied."
Like every other file or folder, gpg keys are subject to permissions. If these are not set correctly, your system may not be accepting your keys. You can follow the next steps to check, and update to the right permissions.
@@ -440,6 +864,7 @@ You can use the code:chmod 600 ~/.gnupg/*If you have (for any reason) created your own folders inside ~/.gnupg, you must also additionally apply execute permissions to that folder. Folders require execution privileges to be opened. For more information on permissions, you can check out this detailed information guide.
+
- Don't see a solution to your problem?
- Please let us know on the feedback
@@ -658,15 +1083,14 @@ href="mailto:edward-en@fsf.org">edward-en@fsf.org. Make the subject
- "Recipients not valid, not trusted or not found" -
- You could get the above error message, or something along these lines: "Unable to send this message with end-to-end encryption, because there are problems with the keys of the following recipients: ..." In these cases, you may be trying to send an encrypted email to someone when you do not have their public key yet. Make sure you follow the steps above to import the key to your key manager. Open OpenPGP Key Manager to make sure the recipient is listed there. +
- You could get the above error message, or something along these lines: "Unable to send this message with end-to-end encryption, because there are problems with the keys of the following recipients: ..." In these cases, you may be trying to send an encrypted email to someone when you do not have their public key yet. Make sure you follow the steps above to import the key to your key manager. Open the OpenPGP Key Manager to make sure the recipient is listed there.
- Unable to send message
- You could get the following message when trying to send your encrypted email: "Unable to send this message with end-to-end encryption, because there are problems with the keys of the following recipients: edward-en@fsf.org." This usually means you imported the key with the "unaccepted (unverified) option." Go to the "key properties" of this key by right clicking on the key in the OpenPGP Key Manager, and select the option Yes, but I have not verified that this is the correct key in the "Acceptance" option at the bottom of this window. Resend the email.
- I can't find Edward's key
- Close the pop-ups that have appeared since you clicked Send. Make sure -you are connected to the Internet and try again. If that doesn't work, repeat -the process, choosing a different keyserver when it asks you to pick one. +you are connected to the Internet and try again. If that doesn't work, you can download the key manually from the keyserver, and import it by using the Import Public Key(s) from File option in the OpenPGP Key Manager.
- Unscrambled messages in the Sent folder
- Even though you can't decrypt messages encrypted to someone else's key,