Your Adventure Guide in Installing PGP
If you’ve decided to start using PGP this is a quick guide to help you do it. They’re various alternatives you can download instead of using the command line interface but this is easily the simplest way to do it.
Follow along with your input for each of these steps. The commands are the same for both windows and macs.
Step 1. Generate a Key Pair
> gpg --gen-key
gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
While DSA and Elgmal have shorter signature codes, RSA is more common and preferred since verifying RNA signatures is much faster. The option for a “sign only” key is less common, but it’s something you might consider if you don’t plan on using your keys for encrypting documents and emails.
Step 2. Select Your Key Bit Length
Output: Depends on your input of the previous selection
RSA keys may be between 1024 and 4096 bits long.
OR DSA keys may be between 1024 and 3072 bits long.
What key size do you want? (2048)
> 1024, 2048, 3072, OR 4096
For RSA the three key lengths options are 1024, 2048, and 4096 bits. Which is representative of the binary 2^10, 2^11, and 2^12 respectively. For DSA the keys are generated in 1024, 2038 and 3072 bit lengths.
You could easily search the web for hours looking for a trustworthy recommendation on these options. Phil Zimmermann the inventor of PGP, recommends a minimum 3k length for RSA encryption so that’s good enough for most people.
Step 3. Select Expiration Date
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
> 2y //for a 2 year expiration date
Ability to set an expiration date helps keep your PGP keys socially relevant. The actual date you choose to set is less important, you can always change this date later.
Key does not expire at all or Key expires at MM/DD/YY time
Is this correct? (y/N)
Step 4. Input Your Identity Information
On Mac and Windows the two are slightly different
GnuPG needs to construct a user ID to identify your key
You need a user ID to identify your key; the software constructs the user ID from the Real Name, Comment and Email Address in this form:
Real name: First Last or Pseudonym
Email address: firstname.lastname@example.org
Comment: anything else you care to add
If you get a “Invalid character in name” error message it might be due to trying to put all the information on the same line.
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?
Step 5. Generate a Passphrase
You need a Passphrase to protect your secret key.
Password should be secrets and don’t you dare tell anyone.
You should see some specks regarding your key. Congratulations, you are on you’re way to protecting the information you care about.