agray.org > Contact Me > PGP Guide
Contact Me

Sending Encrypted Files over Email


I learned this from Guoan Xiao's article on LinuxBabe.


Why?

It encrypts the contents of your attached file so that only I can decrypt it.

If you want to send financial documents or anything else containing confidential information.

GPG just screams "an important conversation is happening" so, you know, it's probably not a good idea to use it - if end-to-end encryption is important to you, use something like Signal or Telegram.


How?

1): Import my public key

Option 1a)

wget https://agray.org/pubkey.asc gpg --import pubkey.asc

Option 1b)

Type gpg --search pgp@agray.org and enter 1 into the prompt, to import from a central key server.


2): Validate the fingerprint

Run gpg --fingerprint pgp@agray.org

It should look like:

pub ed25519 2024-11-09 [SC] [expires: 2026-11-09] 1C67 70F9 FA97 C8AE FB76 4310 8DA2 97DF 5BC9 CA9C uid [ultimate] A Gray <pgp@agray.org> sub cv25519 2024-11-09 [E] [expires: 2026-11-09]


3): Sign the key

You can skip this step, if you later skip the dialogue that warns 'this key is unverified'.

gpg --sign-key 8DA297DF5BC9CA9C


4): Encrypt the file

gpg --recipient pgp@agray.org --encrypt --armor --output encrypted-message.asc message.txt


5): Email encrypted-message.asc to pgp@agray.org.

Note: The correct email is NOT gpg@agray.org.

Note: message.txt is not encrypted, nor is the email's body. Only encrypted-message.asc is encrypted.