GnuPG
Software Version
Since GnuPG is cryptographic software meant to handle security and encryption, we should always use the latest stable version. Hence, if you're using gpg1, you should upgrade to gpg2.1 or above at once. If any software you use integrates with an outdated gpg version, you can:
- Raise a ticket on its support channel, urging the maintainers to upgrade for security purposes
- Consider whether you still intend to use that software
This guide always covers the latest version of GnuPG made available on the Debian stable branch.
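One way to check the upgrade rule above on a host, as an added example that is not part of the original guide: it parses the first line of `gpg --version` and flags anything below 2.1. The function names are hypothetical helpers, and the banners shown in comments are constructed samples.

```shell
#!/bin/sh
# Added example: audit GnuPG binaries on PATH against the guide's 2.1 minimum.
MIN_MAJOR=2
MIN_MINOR=1

# Extract "MAJOR.MINOR" from a `gpg --version` banner line, e.g.
# "gpg (GnuPG) 2.2.40" -> "2.2" (constructed sample). Vendor builds such as
# "gpg (GnuPG/MacGPG2) 2.2.41" are accepted. Prints nothing if unparseable.
gpg_banner_version() {
    printf '%s\n' "$1" |
        sed -n '1s/^gpg (GnuPG[^)]*) \([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1.\2/p'
}

# Return 0 if the banner meets the minimum, 1 if older, 2 if unparseable.
gpg_banner_ok() {
    ver=$(gpg_banner_version "$1")
    [ -n "$ver" ] || return 2
    major=${ver%%.*}
    minor=${ver#*.}
    if [ "$major" -gt "$MIN_MAJOR" ]; then return 0; fi
    if [ "$major" -eq "$MIN_MAJOR" ] && [ "$minor" -ge "$MIN_MINOR" ]; then
        return 0
    fi
    return 1
}

# Check each common binary name; software may call gpg, gpg2 or gpg1
# explicitly, so all of them matter. Returns non-zero if any one fails.
audit_gpg_binaries() {
    status=0
    for bin in gpg gpg2 gpg1; do
        command -v "$bin" >/dev/null 2>&1 || continue
        banner=$("$bin" --version 2>/dev/null | head -n 1)
        rc=0
        gpg_banner_ok "$banner" || rc=$?
        case $rc in
            0) echo "OK       $bin: $banner" ;;
            1) echo "OUTDATED $bin: $banner"; status=1 ;;
            *) echo "UNKNOWN  $bin: could not parse version banner"; status=1 ;;
        esac
    done
    return $status
}
```

Source the file and run `audit_gpg_binaries`; its exit status is non-zero if any GnuPG binary on PATH is older than 2.1 or cannot be identified.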
GnuPG Purpose
There are 3 main reasons:
Verify Entity Identity (Integrity)
Ever since the internet came into existence back in the '90s, identifying a genuine person across the internet has been very tough without face-to-face verification. With ownership of a GnuPG key pair, any entity (group or individual) can share one origin identity via a single cryptographic signature process. It does not identify the entity perfectly (you still need to verify the entity through some other means, like a public announcement or face-to-face verification), but it's better than nothing.
Encryption and Decryption (Confidentiality)
With identification in place, you can perform private communications via encryption. GnuPG does this perfectly. It offers asymmetric encryption, using a public/private key pair to encrypt/decrypt a message payload (which can be a string or a file).
Digital Signature (Integrity)
With a way to verify identity, you can also use GnuPG to digitally sign a message payload (which can be a string or a file), just like how we sign our physical letters. In open-source development, developers always use GnuPG signatures to attest to the origin and integrity of their contents, be it patches or software releases. This protects the contents from being tampered with after they leave the developer's hands and gives the user/consumer a way to verify the contents' integrity.
Best Practices
This section is all about the common practices of using GnuPG. It is a checklist of actions, depending on the audience.
Specifications Index
This section is about all the manual specifications for using GnuPG. They are arranged by purpose, except for "Black Magic", where the hacks and tinkering are grouped under a single sub-section.
Create
This section is all about creating something in GnuPG.
Certify & Revoke
This section is all about certifying or revoking a primary key in GnuPG.
Backup and Distribute
This section is all about backing up or distributing a primary key in GnuPG.
Encrypt and Decrypt
This section is all about encrypting and decrypting a primary key in GnuPG.
Sign and Verify
This section is all about signing and verifying a primary key in GnuPG.
Export and Import
This section is all about exporting and importing a primary key in GnuPG.
Delete
This section is all about deleting a primary key in GnuPG.
Configure
This section is all about configuring a primary key in GnuPG.
Black Magic
This section is all about tinkering with GnuPG. As the name implies, DO NOT ATTEMPT aside from academic purposes.
That's all about GnuPG.