Silk Road forums

Discussion => Security => Topic started by: Theory on July 13, 2013, 10:01 pm

Title: Pgp for dummies
Post by: Theory on July 13, 2013, 10:01 pm
Hello guys I am looking to keep myself safe and get a PGP key. I ain't the most tech savvy so can anyone of you take some time to give me a step by step in the simplest  way on how to setup a PGP key pair and quick rundown on how to use it.

Thanks in advance guys any help would be really appreciated
Title: Re: Pgp for dummies
Post by: tbart on July 13, 2013, 10:19 pm
here's a link to a post i just threw up that should serve     http://dkn255hz262ypmii.onion/index.php?topic=184070.msg1335866#msg1335866

another member (rustykoin) pm'd me this simply "paint by the numbers" to do list at the above link

there's one tip that will help it make sense from the start - when you download and install gpg4usb, you generate a key pair for your email address (suggest you use tor mail)
but reason for the keypair - when someone wants to comm with you, they'll need your public key to use to encrypt - as you have the private key that will be necessary to decrypt and for you to respond to them, you'll need their public key - don't know why the tutorials don't lay that out up front, i had a mental block till rustykoin thru that at me

and nightcrawler "learned" me on passwords - real good info at diceware.com - really worth reading, if you use a weak password, all the encryption ain't worth crap if someone gets hold of your computer
Title: Re: Pgp for dummies
Post by: Theory on July 13, 2013, 10:28 pm
Ok so using is would go like this

I give someone my public key
I decrypt with my private key
Sender give me there public key
I send to the public key

Sounds easy enough will check out that link as well Bart
Title: Re: Pgp for dummies
Post by: tbart on July 13, 2013, 11:43 pm
very last part, in case you didn't "brain hiccup" like i'm app to do, you don't send to someone's public key, you use their public key to encrypt the msg you want to send to them - you have to use their public key so they'll be able to decrypt it - that public key has an identifier in their copy of the software that tells his software what key to use to decrypt - the public key has no decryption ability itself
Title: Re: Pgp for dummies
Post by: Theory on July 14, 2013, 01:02 am
Alright so I encrypt it with the public key and then after I encrypt it it will give me like a link or something to copy and paste and that is what I send to the person so they can decrypt it with the private key?
Title: Re: Pgp for dummies
Post by: tbart on July 14, 2013, 01:53 am
no, after it encrypts the msg typed in the text editor window of gpg4usb, it will give you a string of jibberish (looks like the public key did) - you then copy that and send it to who ever you're comming with, or paste it here - i've copied and pasted the material from the other thread below and here's a link to GPG4USB    http://gpg4usb.cpunk.de/index.html  :


..... open your gpg4usb and just paste the whole public key in there, like I said in the window that looks like a text editor. Even where it says BEGIN PGP PUBLIC and down to where it says END PGP PUBLIC, the whole thing. Now if you look at the menu bar at the top where it says Keys, click that and go to Import Keys and finally click Clipboard. If you've done it right then it should pop up with my name and even my tormail address and then add it to your chain.

Okay, so now  that you've got that done what you want to do it clear all that crap out of the Clipboard and type a short message, could be anything. After you're done with your message make sure to click the check box next to my name (on the right side key chain list) and finally click the Encrypt button. This produces a mass of gibberish that I can only decode with my private key.

Okay, now what you want to do is copy that gibberish and send it to me in the next message you send me. I'll let you know if you've done it right. Meanwhile, send me your public key and I will send you an encrypted message that you can decrypt.

If you're unsure on how to create keys, I'll break it down quickly. As soon as you open the program a wizard should pop up instructing you to create a key pair, if it does not then click on the Help menu button and select Open Wizard. Click the first next to keep everything in English and then select Create New Key Pair, the first option in blue. Click on the Create New Key button and it will pop up with a variety of info to fill out.

I suggest you use a tormail.org email account for your keys to keep them further secure. Also make sure to create a strong password as you will be prompted each time you try to Decrypt a message someone sends you, and this adds an extra layer of security. Finally make sure to click the Never Expires check box next to the date.

As soon as you fill out your info and password the program will create your public and private keys, this will only take a second. In order to preview your public key after it's created click on Manage Keys and select the check box next to your newly created key, then choose Export to File. Name it anything you want, but my suggestion is tbart Public.txt or something, but as long as it is a text file. Now you can go find your file, open it up and there is your public key which you can give to people in order to send you messages. Never give out your private key to anyone, it is only for you.