This means things like using a strong passphrase, using full-disk encryption on your computer and keeping your private key off cloud services like Dropbox. It is super important to keep it super secret. This “private key” is what GPG Keychain and Apple Mail will use to decode messages sent to you. It also stores your super-secret “private key” on the computer you are using. Making a key this way publishes your “public key” to the world. I use a strong passphrase (GPG tools warns you if you don’t).I upload my public key so people can find me.The email address matches the one I use to send and receive my email.I use my real name, so people can find me in key services.(If you have an existing key, you can look it up with “Lookup Key,” searching by your email address or name, and import it.) I then made a new key, with the “New” icon. Once everything was installed, I launched "GPG Keychain" from my Applications folder. One is called “GPG Keychain,” and another modifies Apple Mail, which likely came with your computer, so it can send and receive encrypted email. Having verified the software is intact, I launched the. (Now that I’ve been using a version of GPG I trust, when I download updates I also use GPG to do a verification. My apologies, but I’m not familiar with GPG on other platforms. Downloadįirst I downloaded the GPG Suite at for my system, which is Mac OS. Here, then, is how I started using encryption for email. These include Jeff Larson, Mike Tigas, Harlo Holmes and Aruelia Moser. If your life or livelihood depends on secure communications, please rely on resources provided by experts.Īlso, I’ve benefited from generous journalists who are more experienced and have shared their tips and tricks. I'm a journalist who would like the option of keeping his communications secure. I’ll say upfront that I am not an expert on encryption or operational security. I’ve jumped in, and I'm sharing my steps here so they might help others. (GPG stands for “GNU Privacy Guard,” and is basically the same thing.)Įncrypting email seems the like one of the most natural ways to communicate securely, but it’s unfortunately complicated to set up. PGP, or “Pretty Good Privacy,” is one way to encrypt email and other text. In that way, emails are more like postcards.Įncryption can help keep information private in transit. Most email these days zips across the internet in an open format someone can read in transit - even though the sender’s and receiver’s mailboxes are password protected. These keys have belonged to me in the past, but I am no longer using them: So I’ve included the key on my Twitter bio put the fingerprint in the sidebar of this website, in this tweet, and on my employer's website and published my full public key both on the MIT Public Key Server here and at. Publishing the fingerprint and full public key in several places helps you be more certain that this key actually belongs to me. Its full fingerprint is:ģ0D1 B2EF ECD0 BCA9 EBFA E13A CC77 A709 6A9C 5F59 I’m currently using a key with the ID of 6A9C5F59. If you already use PGP (or GPG), here’s the info you may be looking for about me: If you’re ready to start encrypting your email, scroll down just a bit to read about how I got started.
0 Comments
Leave a Reply. |