Never Ending Security

It starts all here

Basic guide to PGP on Mac OS X

Part 1 – Installing the software

If you’re curious and want to see the source code, you can do so here.

  1. Head on over to, and download ‘GPG Suite Beta 5′UAQo3Ca[1]
  2. Open the file you downloaded, you should see this screen. Double click on ‘Install’dV8D0FZ[1]
  3. Follow the installation process. If successful, you should see this screen. You can now close the windowm8qytPb[1]

Part 2 – Creating your keypair

GPG Suite actually makes this a super simple process. Just like the Linux guide, we’ll be using 4096 bit length for encryption.

  1. Open up GPG Keychain, you should be greeted by this beautiful window1xvho3K[1]
  2. Click ‘New’ at the top left of the windowJH57cE5[1]
  3. You should see a small popup. Click the arrow beside ‘Advanced options’, make sure the key length is 4096. For our purposes, we’ll uncheck ‘key expires’. Put your username where it says ‘full name’, fill out what you want for email, and create a secure passphrase. Check the picture for an example on how to fill it out. When complete, click ‘Generate key’UPn7xO4[1]
  4. GPG Keychain will begin generating your key. Move the mouse around, mash keys in a text editor, have something downloading. Do random stuff to create entropy for a secure key.1oFPI10[1]
  5. annndddddd we’re done!J0HkvZG[1]

Part 3 – Setting up the environment

This is where OS X differs from other platforms. The suite itself doesn’t provide a window to encrypt/decrypt messages, so we need to enable some options.

  1. Go into system preferences, open up ‘Keyboard’EYKyVkn[1]
  2. You should see this window. Click the ‘Keyboard Shortcuts’ tab at the top, then ‘Services’ in the left pane. Scroll down in the right pane to the subsection labeled ‘Text’, and to the OpenPGP options. Here you can create keyboard shortcuts. We’ll uncheck everything OpenPGP that’s under ‘Text’, and delete their shortcuts. Now we’ll enable ‘Decrypt’, ‘Encrypt’, and ‘Import key’. Create keyboard shortcuts for these if you wish. Check the picture to make sure you’re doing everything correctly. You can now close the window.2vQlkq8[1]

Part 4 – Obtaining your public key

This part is super simple.

  1. Open up GPG Keychain, select your key
  2. At the top of the window, click ‘Export’pvVfw2V[1]
  3. Give it a name, make sure ‘include secret key in exported file’ isunchecked, and click ‘save’xwjzDoI[1]
  4. Open your text editor of choice, browse to where you saved the key, open it
  5. There it is. Copy and paste this on your market profile to make it easier for people to contact youRJhHUWx[1]

Part 5 – Obtaining your private key

Again, super simple.

  1. Open up GPG Keychain, select your key
  2. At the top of the window, click ‘Export’
  3. Keep the file name it gives you, check ‘Include secret key in exported file’, then click saveQSLfhqW[1]

Keep this file in a safe place, and don’t forget your passphrase. You’re fucked without it!

Part 6 – Importing a public key

This is really easy.

  1. Find the key you want to import.
  2. Copy everything from ‘—–BEGIN PGP PUBLIC KEY BLOCK—–‘ to ‘—–END PGP PUBLIC KEY BLOCK—–‘nH6MBYc[1]
  3. Paste it into your favourite text editor, highlight everything, right click, go to ‘Services’, then ‘OpenPGP: Import key’Uq40mv1[1]
  4. You’ll see this window pop up confirming the key has been imported, click ‘Ok’CWv0ySL[1]
  5. Open up GPG Keychain just to confirm the key is therezQYRK9c[1]

Part 7 – Importing a private key

Again, really easy.

  1. Open GPG Keychain, click ‘Import’ at the topo7XMOBq[1]
  2. Browse to where your key is, click it, then click ‘Open’. It should have a .asc file extensionyUTGU3o[1]
  3. You’ll see this pop up confirming your key has been imported. Click ‘Close’5Cadwt8[1]

Part 8 – Encrypting a message

  1. Open your text editor of choice, write your message
  2. Highlight the message, right click, ‘Services’, ‘OpenPGP: Encrypt’LWjLFfL[1]
  3. A window should appear. Select who you’re sending it to, sign it with your key if you wish, click ‘Ok’g4UyC6Y[1]
  4. Copy everything, and send it to the recipientAFGqEOx[1]

Part 9 – Decrypting a message

Pretty much the same process as encrypting

  1. Open your text editor of choice, paste the message
  2. Highlight everything, right click, ‘Services’, ‘OpenPGP: Decrypt’u2wWMtA[1]
  3. A window should pop up. Enter your passphrase, then click ‘Ok’gL2nnbq[1]
  4. aannnddddd there’s your messagezNX94M7[1]

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s