EasyGPG makes it easy to do encryption.
Encryption is making it essentially impossible for anyone but the intended recipient to read a message. With EasyGPG, you can be sure that only the intended recipient can read the message, and the recipient can be sure that only you could have written it.
A popular way to encrypt email messages and web site posts is to use GPG. GPG is used much less than it should be because some people find it hard to use. EasyGPG makes GPG easier to use.
Encryption is done with keys. Traditionally, the same key was used for encryption and decryption. This created a problem: How can you share the key securely? After all, if you have a communication channel that’s secure enough to transmit the key, why not just use that same channel to send the message?
This problem has been solved with what’s called “public key encryption.” With public key encryption, keys are created in pairs. One key of the pair is used to encrypt, and the other is used to decrypt. The key that encrypts can’t be used to decrypt. What’s more, the information necessary to calculate one key from the other is thrown away after the key pair is created.
This means that you can give your friend one key (the “public” key) and keep the other key of the pair (the “secret” key) a secret. When your friend wants to send you a message, she encrypts it with your public key, and you (the only person who has the corresponding secret key) decrypt it with your secret key. If someone else gets a copy of your public key, it won’t allow her to read the messages intended for you. Even the person who wrote the message to you can’t decrypt the message.
In EasyGPG, the pairs of keys you create are called “personal key pairs.”
Most messages created with EasyGPG are signed. This signing is done with your secret key. Because messages from you are signed with your secret key, the person who reads them (and who has a copy of your public key) can see that only you could have written the messages. The person who reads the messages can also see when you wrote them.
To find out how to download EasyGPG, go to the EasyGPG home page.
Every EasyGPG folder will have at least two folders and three files. One of these folders and one of these files will have names ending with a hyphen (-) followed by the name of the EasyGPG folder. For example, if your EasyGPG folder is called
easygpg, you’ll have a file called
EasyGPG-easygpg and a folder called
EasyGPG-easygpg is what’s called a “Desktop file” or “Launcher.” You can move it to the Desktop (or anywhere else in your home folder). Double-clicking it will open the Actions folder that corresponds to it. If text has been copied, double-clicking it can also read the copied text, doing whatever is appropriate, including decrypting messages and importing keys. Dragging and dropping files or folders onto it will do whatever is appropriate, including encrypting, decrypting, and importing keys. The files in the Actions folder are also Desktop files. The Actions that act on files or folders will also operate on files and folders dropped onto them.
Rebuild EasyGPG always rebuilds the Desktop files in that EasyGPG folder, including all the Actions. You should do this whenever you do something that causes the Desktop files to stop working.
You can create more than one EasyGPG folder. You may, for example, have one copy of EasyGPG for each email account, and another for encrypting files and folders in order to store them securely. You can create new EasyGPG folders just by creating a new folder and then copying
Rebuild EasyGPG into the new folder. Double-clicking
Rebuild EasyGPG will create all the other files and folders you need in your new copy. You can easily copy public keys from one copy of EasyGPG to another by using the
List and copy keys,
Copy all the public keys, and
Read copied text Actions.
EasyGPG is designed to make it easy to put EasyGPG on a flash drive and use it from there. This may help you protect your privacy more effectively. It is not difficult to format a flash drive with whole-disk encryption to further protect your privacy.
EasyGPG can encrypt files and folders, decrypt files, import keys from files, read messages in files, and read text files without keys or messages. To do any of these things, just drag and drop the files or folders onto EasyGPG’s Desktop file.
To read copied text, double-click EasyGPG’s Desktop file. All keys in the copied text will be imported, and all messages will be decrypted.
For everything else you want to do with EasyGPG, just open the EasyGPG-Actions folder (perhaps by double-clicking the Desktop file), and double-click on what you want to do. With some of the Actions, you can drag and drop files or folders onto the Action.
The first thing to do is to get a personal key pair for each copy of EasyGPG. If you already have a personal key pair, you can import it into EasyGPG with the
Import all the personal key pairs from the main GPG keyring Action or you can make a new key pair with the
Make a new personal key pair Action. Having just one personal key pair for each copy of EasyGPG will reduce the amount of time you spend typing passwords. See the Creating your personal key pair section below.
You’ll need to send your public key to others so they can import it and use it to send messages to you and read your signatures. You’ll also need to import the public keys of others. If you get someone’s key in the form of a file, just drag and drop the file onto EasyGPG’s Desktop file, or the
Read files Action. If you copy the key as text, double-click EasyGPG’s Desktop file or use the
Read copied text Action.
When you encrypt a message, you can add your public key to the message with one mouse click. When EasyGPG finds a key in a message, it automatically imports it. This is the easiest way for users of EasyGPG to share their public keys.
Read copied text does whatever is appropriate with the copied text. It imports keys and reads messages, even when there are multiple messages and keys in the same text. It even reads messages and imports keys found in the decrypted text of messages.
EasyGPG can encrypt files and folders into encrypted
tar archives. These are useful as email attachments. You can just drag and drop them onto EasyGPG’s Desktop file or the
Read files Action to decrypt and unpack them.
When you open a text file with a message encrypted by you and for you, you will be able to edit this message, and save your changes to the same encrypted file, or to a new one. The Action,
Encrypt a message to me and save it, exists to create files like this. These files are useful for saving account usernames and passwords, as well as other sensitive information.
Save a file or folder as a tar archive encrypted for me Action makes it easy to create encrypted
tar archives that only you can decrypt. This is useful for creating backups which you can safely save on a computer somewhere out on the Internet. The only practical way for an attacker to try to decrypt such an archive would require a copy of your personal key pair. The attacker wouldn’t even be able to determine the ID of this key pair by inspecting the encrypted archive.
If you would like to add the contents of a text file to a message, EasyGPG provides a simple way to do this. Just drag and drop the text file onto the Action. This works with all the Actions that begin with “Encrypt a message” or “Sign a message.” If you drag and drop a folder, or a file that is not a text file, nothing will happen.
Your keyrings are files in which your keys are stored. Unless it’s told not to, GPG will store its keyrings in the (usually invisible)
.gnupg folder in your home folder. EasyGPG always keeps your keyrings in a folder called
easygpgkeyrings in the same folder as
easygpg.sh. With EasyGPG, you can copy keys to and from the main GPG keyring in the
.gnupg folder. Key rings are stored this way to make EasyGPG portable. Everything related to EasyGPG is in the same folder. This makes it much easier to migrate to another computer and to use EasyGPG from a flash drive.
Traditionally, people have put their real names and email addresses in their personal key pairs. I think this is a good idea if you share your public key directly with the other person, and you don’t upload it to a keyserver or any other place where everyone can find it. If you do upload your public key, my advice is not to put your real name or your email address in it. My concern here is for privacy.
By uploading your key with your real name and email address in it, you are telling everyone in the world that you exist and what your email address is. You are also inviting unwanted email when you do this. I have received such email.
I also don’t believe in signing keys on keyservers. This simply creates a ready-made list, that anyone in the world can read, of people who know you.
I’m making a point of this here because I want to make it clear that, with EasyGPG, you don’t have to put your email address in your personal key pair (it’s optional), and you don’t have to put your real name there either.
If you make a mistake with your first key pair, don’t worry. You can always delete it and create a new one. There’s no problem with deleting a personal key pair you haven’t shared yet.
Ideally, we should never store anything private on a physical medium, unencrypted. Even when files are deleted from such media, the deleted files, or parts of them, can usually be recovered.
EasyGPG’s RAM disk is a medium that is not physical on which such files can be stored. This RAM disk has a
tmpfs file system that keeps files in RAM.
Please remember to remove the RAM disk before you shut down your computer. If you do not, you will have a folder called “ramdisk” in your EasyGPG folder that is not really a RAM disk. You may mistakenly put items in it, thinking they will not be on a physical medium.
EasyGPG provides four Actions, in the main EasyGPG folder, to create, remove, and back up the RAM disk, and to create new EasyGPG folders inside it.
RAM disk create creates the RAM disk. You can simply double-click it to create an empty RAM disk, or to make your RAM disk a second, more secure, EasyGPG folder. A RAM disk EasyGPG folder will have no RAM disk Actions because mounting a
tmpfs RAM disk inside another
tmpfs RAM disk creates problems.
Alternatively, you can drag and drop a file or folder onto
RAM disk create to create the RAM disk with the file or folder copied into it. When you drag and drop an encrypted
tar archive onto
RAM disk create, the contents of the encrypted
tar archive will be decrypted and unpacked into the RAM disk.
RAM disk remove erases the entire RAM disk and removes it, permanently deleting its contents. Be careful to back up anything you want to keep before you do this.
RAM disk backup backs up the RAM disk to an encrypted
tar archive. This can later be dragged and dropped onto
RAM disk create to restore the former RAM disk. To back up the RAM disk to a file it was backed up to before, drag and drop the backup file onto
RAM disk backup. Otherwise, a new backup will be created.
Make a new EasyGPG folder in the RAM disk creates new EasyGPG folders inside the RAM disk. It can clone existing EasyGPG folders. Cloning reproduces the keyrings and custom Actions of an existing folder, but it copies no other files.
The RAM disk Actions are not available when using Tails. Files used in Tails, that are not saved on a second flash drive or in Persistent, are already only in RAM, and will permanently disappear when Tails is shut down. The same is generally true of other “live” disks.
Many of us encrypt messages to the same person or group of people again and again. To do this before custom Actions, you had to select the recipients’ keys every time. With custom Actions this is no longer necessary.
You can double-click
Create a custom encrypt and copy message Action, enter a name for your new custom Action, and select the keys. This creates a new Action that you can double-click to encrypt a message without having to select keys. You can drag and drop a text file onto your custom encrypt-a-message Action to include the contents of the text file in your message, just as you can with
Encrypt a message and copy it.
Likewise, with the
Create a custom encrypt file or folder Action you can create a custom action to save files or folders as encrypted
tar archives, encrypted without having to select keys. You can drag and drop a file or folder onto this new custom Action to encrypt it, just as you can with the
Save a file or folder as a signed, encrypted tar archive Action.
You can also make any of the Actions in the Actions folder a custom Action. Just drag and drop it onto
Drag and drop an Action here to copy it as a custom Action.
You can put a custom Action in the Applications menu by dragging and dropping it onto
Drag and drop a custom Action here to put it in the menu.
You can copy a custom Action to the Desktop by dragging and dropping it onto
Drag and drop a custom Action here to copy it to the Desktop.
Drag and drop a custom Action here to remove it removes a custom Action from the EasyGPG folder, from the Applications menu, and from the Desktop.
EasyGPG can update itself from the Internet. Just use
Check for a new version of EasyGPG in the EasyGPG-Actions folder.
The update is stored in 4 places: on the EasyGPG eepsite (on I2P), on the Tor Onion Service site, on archive.org, and on codeberg.org. The new version will be downloaded from the Tor Onion Service site or I2P eepsite, if possible. Otherwise it will be downloaded from archive.org. If download from archive.org fails, codeberg.org will be used. If
curl is installed and Tor is running (it will be if the Tor Browser is in use), Tor will be used to download from archive.org or codeberg.org.
The new version downloaded is signed with my personal key pair to prevent a bogus update from being installed.
The main site for EasyGPG is now https://archive.org/download/easygpg/EasyGPG-Home.html.
In addition, there is a page for EasyGPG at https://codeberg.org/giXzkGsc/EasyGPG/.
The EasyGPG I2P eepsite is http://easygpg2.i2p/. The base 32 address is here, and the helper link is here.
The EasyGPG Tor Onion Service site is here. It is identical to the eepsite.
The EasyGPG ZeroNet zite is here. It is almost identical to the eepsite.
The eepsite, Tor Onion site, and zite all include a “Documents” page, with documents of interest to those who care about privacy and security.
You can communicate with me on Diaspora. There you should be able to see all of my posts about EasyGPG.
I’d rather hear from you on Diaspora, where our discussion can be shared with everyone, but, if you think you must, you can email me at email@example.com.
To see all the command-line options, type this in a terminal window.
I hope this will give you ideas about how to integrate EasyGPG into your own projects.
Last updated 2021-01-25 22:15:05 UTC