GnuPG: Secure Mail for Win, Mac and * nix

GnuPG (GNU Privacy Guard) is an open source implementation of PGP compliant with OpenPGP standards ( RFC 2440 ). GnuPG allows you to encrypt, decrypt, sign, and verify email messages using key pairs (RSA by default). The most common use of GnuPG is in encrypting email and verifying the signature of files uploaded for download. But it is possible to use it in other protocols: for example, PSI (Jabber-client) supports GnuPG and allows encrypting conversations on a continuous basis.

Consider the installation and initial configuration of GnuPG for three operating systems: Windows, Mac OS X and Linux.
It is understood that the reader has sufficient knowledge to execute several commands in the OS console (CMD / Terminal / xterm, respectively).

Download

Windows : GPG4Win is a pre-built GnuPG + GUI + Claws-Mail.
Mac OS X : Install GPG Suite
Linux : Depending on your distribution. The keyword is gnupg2.
Due to the variety of clients under * nix, it is useless to paint the installation for everyone.
The list of clients supporting GNUPG is here .
')

Installation

Windows : Standard installation. Do not forget to tick "Claws Mail".
Mac OS X : Install GPG Suite.
Linux : Depending on the distribution and email client:) l.

Creating keys

We start the terminal (cmd.exe / Terminal / xterm).
For Windows OS, do cd "Folder_Where_installed_GPG4Win" (C: \ Program Files \ GNU \ GnuPG \ by default)
For all: we execute the gpg2 command --gen-key
You will be asked a few questions.

  Please select what kind of key you want:
    (1) RSA and RSA (default)
    (2) DSA and Elgamal
    (3) DSA (sign only)
    (4) RSA (sign only) 

Choose 1.

  RSA keys may be between 1024 and 4096 bits long.
 What keysize do you want?  (2048) 

2048 should be enough. Just hit Enter.

  Please indicate how long the key should be valid.
          0 = key does not expire
       <n> = key expires in n days
       <n> w = key expires in n weeks
       <n> m = key expires in months
       <n> y = key expires in years 

After what time the key will be considered invalid? Click "Enter" :) Let it be eternal.

Next, click "Y". And answer 3 questions.

Real Name: - enter your name in Latin letters (ex. Vasily Pupkin).
Email: - enter e-mail (eg v.pupkin@gmail.com)
Comment: - anything, from company name to nickname)
If everything is correct - press "O".
Now we will be asked for the key password. Enter 2 times one and the same (or 2 times press Enter for a key without a password).
A few seconds ... And the key is ready! Hooray! )
Checking: gpg2 --list-keys
pub 2048R / 5C35B909 2010-01-31
uid Vasily Pupkin <v.pupkin@gmail.com>
sub 2048R / 40ADD978 2010-01-31

Using

Windows: Launch Claws-Mail. We connect the mail account (the one for which the key was created!).
We go to the settings-modules, check that there is a GPG module.
Now, create your own message and select Options-> Encrypt.
By the way, we can immediately create new keys for another account - Settings-Account Settings-Module-GPG-Generate a new key pair
Mac OS X: Start Mail, create a new message, see the “Signed” and “Encryped” checkboxes. We can choose a key for signing / encryption. For 10.6 and Claws-mail is similar to Windows.
Linux: Depending on the client. For Claws-Mail is similar to Windows.

Correspondence

For correspondence with the subscriber you must have his public key. You can get your key with gpg2 -a --export your e-mail .
Import someone else - gpg2 --import key file

The final

That's all. Good luck to you encryption)
If you want to check - write to me (do not forget to attach your public key attache).
My key is here .
Good luck!

UPD@23.01.2014: Updated links