Kgpg encryption tool version 1.2.2 Mini Howto for linux. (I am using ubuntu 7.04 and kde 3.5.6)               Back to Main Page          

This i a very short version, and if you want to know more, go to the Internet etc.                                    

This howto is without any guarantee, and you may use it on your own responsibility only.

There may be errors, but I do not want to use too much time to  write this howto.

My idea is to make documentation, so you can at least start using the system.

I (66 years old) have abstracted what I find most important, from lots and lots of documentation.

To check specific words you may  click here to open wikipedia  (use search box, left side middle).

It's easiest to print this howto out, to use it, by your side !



Kgpg is an encryption program, based on the Gnupg package, which you can use to encrypt -and decrypt files.

(I have the following packages installed: gnupg, gnupg2, gnupg-agent and kgpg.)

In order to use the program, you first have to create a keypair, consisting of a private key (secring.gpg) and a public key (pubring.gpg) - (a key is just a small

file).

The public key are used to encrypt files, and the secret key are used to decrypt these files (the keypair works together).

This public key (a small file) you may give to other people (who must also have the Gnupg package installed), so they can encrypt files they want to send to you,

but when they have encrypted a file for you with this, they are no longer able to decrypt this file, as only you know the password (passphrase) for this key.

Of course you may also use your own public key to encrypt your own files, which you want to keep encrypted on your harddisk (text files, image files, video files

etc), and then you use your own corresponding secret key to decrypt these files.

Such encrypted files will take a very long time for other people to decrypt (if ever), even with a very fast computer, but it is very important, to keep the

passphrase secret, so nobody will ever get to know it (do not use everyday words from a dictionary or names from your surroundigs - use your phantasy).

The phrase: “Thi$ is my #difficult& p@ssphrase” (plain english words mixed with random characters), can be considered a reasonably safe passphrase.

You can also get public keys from other people, so you can encrypt files you want to send in a secure way (e.g. by e-mail), but remember, that when you have

encrypted files with a foreign public key, you will no longer be able to decrypt them, as only the owner of the public key knows the passphrase.

(The Gnupg program can be used in many other ways as well).

In order to create a keypair, open Kgpg and choose Keys - Generate Key Pairs:

Kgpg - Keys - Generate key pairs

Name: "Joe" - insert your own name

Email: "niel@telia.com" - insert your own (a real) e-mail address

Comment: "Joe's key pair" - here you can insert a comment (optional)

Leave the rest as is, an click on the "OK" button:

Insert your secret passphrase two times (and keep it VERY SECRET)

Password: "**********" - insert your secret passphrase, (best to make it longer)

Verify: "**********" - insert the same passphrase once more - important to remember this passphrase, and keep it VERY SECRET for other people.

Then click on the "OK" button, and the keypair will be created for you - perhaps move the mouse around when the keypair is being created.

Then you see (below) the dialog, telling you, that the keypair has been created.


The passphrase created successfully

A good idea to note the above information: Name, Email and Key ID - to make it easier in the future to recognize your own keys - then click on the "OK" button:

The new keypair is created and seen in the Key Management window

You see (above) the new keypair (Joe's key pair) has been created, and the "Trust" is set to green - this Trust can be changed by marking the key (click to  blue

color) - then choose: Keys - edit keys - Owner trust - click on the small black downward triangle (below) - and change if you like:

Keys properties Normally leave the Owner trust to "Ultimately" (green color)  for your own keys.

The newly created key pair wil be sitting in the subfolder ".gnupg" under your home directory, see below:

The public -and secret keys in "home/yourusername/.gnupg" directory

You should now copy the "pubring.gpg" and "secring.gpg" into a safe place, best to burn onto a cd/dvd, or copy to an external harddisk etc.

These two files you will need, when you later are updating to another linux distribution, so you always will be able to decrypt your own files, and to continue to

use the same keypair in the future.

The "pubring.gpg" you may rename to e.g. "yourname.gpg" and send a copy to your friends (e.g. by e-mail), so they can encrypt files to you.

When you receive a public key from anybody, you must import it into your "keyring":

Open Kgpg and choose: Keys - Import key:

Keys - Import key

Click on the "Import Key" menu item:

Keys - Import file dialog

Then click on the small blue directory icon (above):

Open key file for import into keyring

Then choose the public key from "anybody" (lets suggest is is placed in /home/user4/.gnupg directory) and click on the "OK" button, and then the foreign public

key (not existing) will be imported into your keyring for you to use later - it will be put in the same place where Joe's key is sitting (see below):

Where a foreign imported public key will be placed (Note: The imported public Key is not existing)

To encrypt "testpage.html" right click on the file and choose: Actions - Encrypt file (see below):

Right click file - choose: Actions - Encrypt file

Then choose the key to encrypt with (see below):

Select public key to encrypt with

To encrypt with "Joe" click on this key to select (blue color - see above) - and then click on the "OK" button, and the file will be encrypted - big files will take

several minutes, and the encrypted file will be some bigger than the unencrypted file - (below):

testpage.html encrypted

As you can see the encrypted file has got ".asc" addended to the name: "testpage.html.asc", and now the file is encrypted, for nobody to see its contents -

remember to remove the unencrypted file, so there is no trace of the original file left !

Now in order to decrypt the file, left click on the file with the left mouse button, and a passphrase (Password) insert dialog opens up (see below):

Insert passphrase

Write your secret passphrase/password and click on the "OK" button, and the encrypted file will be decrypted, ready for use.

You can encrypt one or several files at the same time, just select the files, and right click on one of the selected files and then choose: Actions - Encrypt file -

same as above.

However, if you want to decrypt several files at the same time, put all the encrypted files in same directory, open a bash shell konsole, cd to the directory with

the encrypted files, and write on the command line:

"gpg2 --allow-multiple-messages --decrypt-files *" (without the double quotes).


9/2007