Home » Articles » PGP Tutorial For Newbs Gpg4usb
Click Here To Hide Tor

PGP Tutorial For Newbs Gpg4usb

To wrap up the last of the PGP guides we’ll be covering gpg4usb. Gpg4usb is a PGP tool that can be ran off of a USB drive and works on both Windows and GNU/Linux, with OS X support planned. It features a very intuitive user interface, portability so it can be used on multiple devices, and is of course open source. It uses GnuPG as the backend, like most PGP methods. The operating system used in this tutorial will be Linux Mint, but the UI will be the same across GNU/Linux distros and Windows versions.

>>>Add A Layer Of Encryption: Click For The Best VPN Services<<<

Please keep in mind that not all versions of PGP are created equally, some PGP programs use an insecure or unsafe version of PGP that could comprimise the encrypted message. Others — namely PGP4Win, Kleopatra, and GPA – use depreciated versions of GnuPG. This means that they aren’t up to date with the latest version of GnuPG or meet modern PGP standards. This can be dagerous as, for example, Kleopatra doesn’t generate subkeys. Subkeys are important as they can be revoked to minimize damage from a comprimised key. You’ll also want to keep in mind not to use online PGP methods like iGolder. You don’t own the keys, so you can’t be 100% sure they aren’t encrypting/decrypting messages that are meant for your eyes only.

Why use gpg4usb over other PGP methods?

  1. gpg4usb creates RSA keys with an encryption subkey and a master key. Your master key is used for signing other keys, creating subkeys, and revoking subkeys. Having subkeys is very important since if it becomes compromised, you can revoke it with the master key and create a new secure subkey.
  1. Like stated above, gpg4usb is cross-platform. If you decide to switch from Windows to GNU/Linux you can still have the same keys and a familiar interface to work with. With OS X support planned this only gives another reason why you should use gpg4usb over other programs.
  1. gpg4usb is portable. This means that you can bring your keys and PGP program with you wherever you go without needing to import your keys into another program. If you plan on doing this though it’s a good idea to encrypt you USB drive. This page over at the ArchLinux wiki explains how you can do this on GNU/Linux any why you should encrypt your USB drive, or read this page if you’re using a Windows computer.
  1. The interface for gpg4usb is the most intuitive out of all other PGP front-ends. The UI is laid out in an easy to understand manner and options are clearly defined.
  1. You can encrypt messages created in gpg4usb with multiple keys. This means that you can have multiple recipients for a message, and you can even encrypt it with your own key. Nobody decrypting a message encrypted with multiple keys can see that it was meant for anyone other than them. This is good if you get scammed on the DNM since you can now have proof to back up any claims you have.

Part 1 – Installing the software

Since gpg4usb is a portable program, it’s not really installed per se. It’s a bunch of files that will be extracted from a .zip archive, and copied onto the USB drive. Head on over to the gpg4usb website and click on the green download button, and save the file. If you want to check out the source code you can visit their development page here.

Note: gpg4usb will not run on GNU/Linux distributions on USB drives formatted as FAT. If you’re only using it on GNU/Linux operating systems then ext4 would be best, otherwise format it to NTFS.


After the download has finished open up the .zip file with your archive manager of choice, you should be able to just double-click on it. You should see a folder named ‘gpg4win’, with all the files needed contained within that folder. Copy that folder over to your USB drive, open it, and it should look similar to the below picture.


That was pretty simple right? Check out the README file if you want to know more about gpg4usb. To open it, all you have to do is double-click ‘start_windows.exe’ if you’re on Windows, or ‘start_linux_xxbit’ where ‘xx’ is your CPU architecture. For the majority of users this will be the 64bit version.

Part 2 – Generating your keypair

This is the very first thing you should do. Without your own keypair, it will be impossible to receive and decrypt messages. Open up gpg4usb and you’ll be greeted by the ‘First Start Wizard’. This will walk you through the steps of creating your keypair.


Choose your language then click ‘Next’. It will now ask you if you want to create a new keypair, import keys from GnuPG, or import settings/keys from an older version of gng4usb. Click on ‘create a new keypair’, then click the button that says ‘Create New Key’. You should see a window with the title ‘Generate Key’. Fill out the information, fill out a fake email if you don’t want to use one, select if you want it to expire or not, choose the KeySize, then create a strong password. A 2048 bit keypair will do fine until 2030, but it’s recommended to use a 4096 bit key. If you want to know more about how the keysize affects your security, check out this link over at the GnuPG website.

If filled out correctly your window should look something similar to below.


You can now click ‘Ok’, and your keypair will be generated. This may take some time depending on what you’re doing on your computer. Watch some porn, torrent some GNU/Linux ISOs, type up that essay you were supposed to have done last week. If all went well a window will pop up saying your keypair has been created.


You can now close out of the wizard, and select if you want to see the offline help or show the wizard again next time you start up. You’ll be brought to the main gpg4usb window and will see your keypair on the right, along with gpg4usb’s keypair.


Part 3 – Obtaining your public key

To receive messages you’ll need your public key posted somewhere. This is really easy in gpg4usb as you don’t need to save it to a file first.

With gpg4usb open, click ‘Manage Keys’ at the top. A window titles ‘Keymanagement’ should appear. Check off the box beside your keypair name, and click ‘Export to Clipboard’ at the top. You can now paste your public key somewhere people can access it so they can send you messages. If you want a backup of your public key you can also click ‘Export To File’ and save it somewhere.


Part 4 – Obtaining your private key

It’s a good idea to back up your private key somewhere safe in case of computer failure. Although rare, things do happen and you don’t want to be stuck not being able to decrypt that very important message your mother sent you.

From the main window right click on your key on the right, and click ‘Show Key Details’.


From here you can see the details of your key, it’s fingerprint, and export your private key. Click the button that says ‘Export Private Key’ and it will warn you that this is sensitive information that is not to be shared. Select somewhere to save it and keep the filename it gives. A good idea is to save it to a microSD card and hide it somewhere. You don’t want anyone other than you to get a hold of your private key.

Again, it is very important that you keep this file somewhere secure.

Part 5 – Importing a public key

gpg4win makes this just as easy as exporting your public key. Highlight everything in the public key, including ‘—– BEGIN PGP PUBLIC KEY BLOCK—–‘ and ‘—– END PGP PUBLIC KEY BLOCK’, and copy it. In the main gpg4usb window click ‘Import Key’ at the top, then ‘Clipboard’. You’ll see a window pop up with the imported key’s details.


Close out of the window and you’ll see the public key has been imported.

Part 6 – Importing a private key

This is just as easy as importing a public key. In the main gpg4usb window click ‘Import Key’, then ‘File’. Browse to where you saved your private key and open it. You should see a window pop up confirming that it’s been imported. Click ‘Ok’ and you’ll see your keypair in the right part of gpg4win.


Part 7 – Encrypting a message

Encrypting a message in gpg4usb is super simple. In the main window for gpg4usb there will be a text box. Type in your message, click the checkbox for the recipient on the right, and click ‘Encrypt’ up at the top. Your encrypted message will now take the place of the unencrypted one. Copy and paste this and send it to the recipient.


Part 8 – Decrypting a message

Once again, gpg4usb makes this really easy. Just paste the message you received into the textbox and click ‘Decrypt’ up at the top. Enter your password and your decrypted message will take the place of the encrypted one.


Part 9 – Conclusion

If you’ve followed the above steps and understood each one you’re on your way to increased privacy in a world that wants to invade it. PGP can seem complicated at first, but once you learn it you’ll laugh at yourself for thinking it was so hard. Even if you still think it’s complicated or a waste of time, just keep in mind that taking an extra 60 seconds out of your day could possible save you from serving 5+ years in prison.


  1. mister bickles

    total BS!
    won’t work/unpack/execute on Ubuntu!

    • Jellybean

      It does work on Ubuntu, I use it regularly on Ubuntu 14.04

      • mister bickles

        OK..i’ll re-try….

        (might have some-thing to do with the USB stick….they can be a bit dodgy!….should it be formatted as FAT-32 or NTFS ?)


        • Jellybean

          Yes running from a USB can cause problems but it doesn’t have to be run from USB, you can use it from a folder and put any encrypted text or keys on the USB.

          • mister bickles

            couldn’t get the “linux” options to work;

            the inter-active GUI window never popped up :(
            (instead…..wanted to open with “python” or some-thing)

            i gave up trying in the end!

            might post on the Ubuntu Forums abt it;

            works fine in Windows;

            i think i’ll just stick with that for now….

          • Jellybean

            I had problems with the permissions of the file on a USB, it wouldn’t start it on a USB for that reason I don’t know a way round that so I use it from a folder and then use secure delete(nautilus) to delete and write over any files I decrypted. If you’re using Ubuntu it might be better using Seahorse, it can be added to the file menu so you get an option to encrypt/decrypt when you right click on a file, I use that with nautilus and nemo but I’ve only seen secure delete for nautilus.

        • FAQ
          gpg4usb does not run from usb flash drive on linux

          Current linux distributions don’t allow running from usb flash drive formmated with FAT

  2. It works fine for me on Xubuntu. Using it for quite while. I agree it is the GPG Software with the most intuitive interface.

  3. Hi, thanks for the manual.
    But you say “GPG4Win, Kleopatra, and GPA use depreciated versions of GnuPG”.
    gpg4usb uses GnuPG 1.4.18 and Gpg4win uses version 2.0.27.

    • Jellybean

      GnuPG version 1 and version 2 are totally different, the problem with GPG4Win is the keys it creates, you can use it with a key created on GPG4USB or Seahorse and it should be better.
      GPG4Win(Kleopatra) creates keys with no sub key and can create broken key, GPA will not create a 4096 bit key.

  4. Thank you so much, got me up and running straight away :-)

  5. Might I suggest using KGpg for Ubuntu. You can find info on it here: http://packages.ubuntu.com/kgpg

    It is much better than Seahorse.

  6. I am a complete noob to encryption and I found this very useful
    My one question is as follows:

    So I’ve encrypted a message and want to send it to someone. How do they decrypt it on their end? Surely I have to give them the key, at which point the whole effort is pointless if the data is intercepted…

    • They can decrypt it with the private key

    • i think when you click on their key when you encrypt it then you just have to send it to them and it will already be in there key so they just have to decrypt it. you just have to choose their key when you encrypt it and send it to them

      • josh

        Is gpg4win (kleopatra )is not safe to encrypt or decrypt messages over dark net???
        please reply soon.

        • CJSarpyII

          I don’t know that I’m qualified to advise, but I’ve been working Telecommunications & security, encryption with VPNs, etc. I’m going through what you are, this is what I can “read into” & what I’ve figured out so far. Generally, Windows sucks! Security problems, basically an OS with built in malware. Fact of life. Have to deal with their engineers who are often clueless. The folks good enough to make this encryption system to protect us in these marketplaces seem to have also accepted this as fact. Therefore, if you can use Unix or Linux with a program for those platforms, you are much safer. If you are working with Windows, I was left with the impression Gpg4usb is a bit better thangpg4win, but they are probably not real far apart. I have read post that said the first is vulnerable to a “ten year old with a cell phone”. I’m figuring this out today, so that’s about all I’m informed of so far. But I know Windows sucks relative to a Unix, Linux, Mac, and probably Android and these programs have to run on it.

      • Wheelus

        Thanx, Jesse.

  7. Why do I need a private key? I have a public key so that people can send me encrypted messages, but what is the purpose of a private key?

    • cf

      The keys are a called a key pair, as they are created in a way that links them together mathematically. What is encrypted with your public key can only be decrypted with your private key. Your private key can be used to sign a message, and then people can use your public key to verify that the message actually came from you.

      You want to make the public key widely available, so anyone can reach you and anyone verify that important messages are actually from you. You want to keep the private key secure and known only to you, so that only you can read messages sent to you, and so that no one can publicly impersonate you.

  8. i just click box on market vendors profile…is this not enough…will vendor still send to me? 1st order

  9. I can’t get this to work on my mac- OS X Yosemite. Wondering if anyone could help? Thanks

  10. The AlphaBay Market has determined the public key I created is “invalid” despite following the tutorial to a T. Did I do something wrong? Any help would be appreciated.

  11. Jesus the arab slayer

    When sending a message, after you encrypt it, do you not need to send your public key also so that they an decrypt it?

  12. hidden and inpain

    i downloaded the Gng4win tonite,im new at this but i was a short time later writing a comment and when i pressed send this is what happened ,im tired in pain and because of this very anxious,god now im terrified i will never be able to have quality of life,..please could soeone in the upper day to day respond to this about i sufferchronicpain and anxiety,i have 2 gmail accts and proof of all that neede to be installed,im very hopeful you will reply,all the advice i took grans and when i can attach youll see ,I understand wordfence autoomated response but know compassion is a virtue

  13. thanks that means you will read it

  14. when i try to import my public key from the clipboard the window that pops up says considered: 1, public unchanged: 1
    does this mean it hasn’t imported? please can you advise

Leave a Reply

Your email address will not be published. Required fields are marked *


Captcha: *