howto gpg and mailapp

gpg / pgp (pretty good privacy) is a great way to make sure no-one sniffs on your email. it's based on private key/public key encryption. the principle of this is you generate a public key and a private one. you give your public key to everybody and keep your private key secret. anyone who wants to email you will encrypt that message with your private key. then when the message arrives, only you have the private key with which to decrypt the message. good eh? for a more comprehensive overview of pgp read here

<voicefromtheback> how do i do it then? </voicefromtheback>

here are the three steps you need to do:

  1. get the latest gpg privacy guard from here (currently 1.4.1 - yes, tiger compatible) this is just a double click install package type thing - but be warned - it takes a while.

  2. get gpg keychain access here - this generates your pgp key - the installer even walks you through the generation process. the default settings are fine. just to warn you, there are several clicks to make at this step - but it's painless. promise. remember to pick a good password for your private key. ie 'password' would probably not be so hot ;)

  3. get the plugin here (currently at 1.3) and install it (it comes with an installer)

<voicefromtheback> now what? </voicefromtheback>

well you have to give people your public key. couple of ways to do this:

  1. in gpg keychain access, on the public tab click on the key that was generated, then in the bar above, click on the export option and enable ascii armour (this makes it easier to send via email). this will then give you your gpg public key block. copy this and send it to someone you want to have it.

  2. put your key on a public key server. there are many servers that hold keys so anyone can find them. you can upload too. in gpg keychain access just select your public key and choose "send to keyserver" from the key menu.

well, that's about it. encrypt my friends and be quick about it.

ps another good link for more info

rss feed link