What are /r/pgp's favorite Products & Services?

From 3.5 billion Reddit comments

>I need a pgp program that's USB bootable

You want to actually boot from the USB?

If so, then I recommend Tails OS or some other Linux USB. Almost all Linux distros come with a command line gpg and you can install a GUI gpg program if you wish.

https://tails.boum.org/download/index.en.html

Tails has an easy to use GPG applet:

https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/public-key_cryptography/index.en.html

Maybe it's an issue with the keyserver? Try keyserver.ubuntu.com (I think it's on their list, you need to move it to the top)

You can also try out search via Web Key Directory. For example type [email protected] in the search box.

Hi JelkyBelly.

If I understand correctly, you're asking whether the PGP servers perform any kind of identity verification?

The perform NO identity verification. I could generate a PGP key, label it JelkyBelly, and upload it to pgp.mit.edu

The cool news is that there is a "web of trust" built from people signing each other's keys. You can learn more about it here: https://www.gnupg.org/gph/en/manual/x334.html

You might want to look at the The GnuPG Smartcard HOWTO if you have not already done so. The howto you have might be unnecessarily complicated.

> since ProntonMail only encrypts emails that are send to other ProtonMail accounts.

That's not true. ProtonMail will encrypt to known OpenPGP keys, you can encrypt your mail to any OpenPGP key. For example I'm using Gmail+Thunderbird+Enigmail and have exchanged encrypted e-mails with a friend using ProtonMail just fine.

For more interoperability context see this blog post.

Sure they do, it's under Settings -> Keys, you can download your existing key (that they pregenerate for you) or add your own (Import key button).

Personally I don't like PGP webmails but I have to give them a credit for going with the standard, and it's not by accident, they deliberately planned that.

A fragment from their old blog post:

> However, for the many out there who still use PGP, the launch of full PGP support will make your life a lot easier. First, any ProtonMail user can now send PGP encrypted emails to non-ProtonMail users by importing the PGP public keys of those contacts. Second, it is also possible to receive PGP email at your ProtonMail account from any other PGP user in the world. You can now export your public key and share it with them.

Source

It depends! If you are asking does PGP support this type of encryption, no, it does not. If your private key is compromised all data encrypted with that key is likewise compromised.

You need different protocols to enable forward secrecy. I am by no means an expert! You can indulge yourself here on how forward secrecy generally works.

edit: A great communication app that support PFS is Signal. Check it out!

If you don't have Homebrew, I'd suggest getting that. Then run...

brew install gnupg

Then the gpg command should be available, which should be what is used in most tutorials.

I don't think is possible since the key has to have an identity to create certifies

Also, I've tried to do that and Kleopatra crashes so you should try with other software, maye even on your phone with Openkeychain

I'd suggest OpenKeychain for Android. It's open source and seems to have a reasonably sized userbase.

You can export the private key from OpenKeychain in the standard OpenPGP format (though it's encrypted with OpenPGP file encryption, but this can be removed from within OpenKeychain and most other OpenPGP clients).

Yes you can transfer your key pair to the android applications. Here is the instructions on how to do that from the open keychain website.

https://www.openkeychain.org/faq/#what-is-the-best-way-to-transfer-my-own-key-to-openkeychain

I see websites recommending OpenKeychain, it's FOSS, it's on F-Droid and Android Market. You should be able to create your private key with it. Don't forget to back up your private key and/or revocation certificate.

For PC, the GnuPG website has download links/instructions.

Did you try the command line?

If your use case is to encrypt mail communication, you should consider using an integration into your mail software. For Thunderbird you should take a look to Enigmail, for Outlook you can use gpgol

You can't decrypt messages not encrypted with your public key...

However, you can verify the authenticity of the message if you have the writer's public key. Tutorial here.

I came to this reddit to find this out :P. On the site lists some frontends.I have used Kgpg but it wouldnt start (go figure I am on GNOME) attempted to use GPA but it had an error with the library and Seahorse. I am trying to install gnuPGP shell currently and will update later.

-----BEGIN PGP MESSAGE----- Version: Mailvelope v1.4.0 Comment: https://www.mailvelope.com

wcFMA0/K3Rvsz+IzARAA2mw+M2whdW53Af9cI0Cz26c4uuy9IsSRrlptfKe4 DY1ZAp/ODC5v3ikicvourLKG+mzjzUvKksdIP17a4tn03CuzQO9H8oHvuWv1 L3XIOTEH7/37uJjzQuVuL0UJVbxZBP2gR0YwY6tilf5vGBIiaEZMHQUyIf2I 0BTKL7f2nWSsJ8w74Vmzd5AfNscM8A3X53bTN+6qPHGyXDq1fE8Q09V17+5t PLfWbYuN/03ZS4I/vlYFdQEhxygLNJkEzsIr5FHOylntYni25MGBY1wAz9u8 pcEpf+2mFdXVD/9pVG3fNt+Eux56/Lo2uMbndY/Fin33wnYugFSTvRnnJnsQ q9wAzrvdteI+YnIfSbbwgHxXVO0/ZpgnVlmalxcSLQ+E7AkOPMr6zB/ODx+s 9HBLLb+5STTA+wee1I3gtQ9/jtJhw+IPPz5oysTwsA5hbOqeDoFGqUQh0mlK MsEwiLFNErvAjjL36cgZjwAnZeuT8PNscuF3nOXBAEBk3Xgrir6FXAId/HeG qQnjXPGw7mKqDtRwoaK+yNji+NWgbJI/TDcCXr3hjpLMdraLsCqBfEgEgvwr wknrdNZQNycDLF/Yu5FX58vRsqn4IwoSnc1qS6W8or7iFv+sXJWgn4v7T9lk Mxsq6E1S8e3nA+VawVneBxuJPJfcBOfBv3DmzolvHmPSkAEPgH3f1bD8qJqJ UHfNXUQ2srwh9kpWKc2xmYMUSbd3yQFQWHnkaVYgjnvE1/nJD+jPmv9wJhJx /aAc5rsqmoKp9ELns+G25a03rFXyHuxhdkGS+G0fG10bOqbwDPHL0HJHkWtv LHBVFk3cyOBAdngIIx71ShZ8b4e/j5IZCwPmM53Q/JXE+G0S3abfl9mehw== =BB2k -----END PGP MESSAGE-----

https://keybase.io is a new one I found just today. I recently tried to use the PGP.com Global Directory but I wasn't able to because they require that you run javascript and that you put in an email address to verify you even if your key doesn't have a linked email address. Which is silly.

That's not strictly true. ProtonMail users a standard called OpenPGP (RFC 4880) and can work with anything that understands that standard. For example it includes Thunderbird+Enigmail or Mailpile.

Bitmsg doesn't seem to support OpenPGP (although I admit their homepage is a little bit scarce on the details what exactly do they do).

In Android, I use OpenKeychain.

On iOS, my wife uses PGP Everywhere.

The latter is a paid (but inexpensive) closed-source app. I've not been able to find a F/OSS one for iOS.

I found this book informative and enjoyable to read. The Internet has lots of resources, but the book just seemed concise and easy to digest. I finished it in one evening.

Does their public key contain an email address? If you don't already have an app for managing your PGP keys, you should get OpenKeychain.