Generating GPG Keys

To use the powerful GPG Encryption feature available on Files.com Enterprise and Enterprise Premier plans, you will need three things:

  1. Make sure you are on a plan that supports this feature.
  2. Download and install your preferred GPG/PGP app for your operating system.
  3. Use your GPG/PGP app to generate a public/private key pair.

This tutorial covers key pair generation for Windows, macOS, and Linux.

Windows

The GPG app we will use for this tutorial is the Gpg4win app suite. You can learn about and download this here. The installer will install an app called Kleopatra, which is a key management app that can be used to generate key pairs and to import private keys provided to you by others for the purpose of decrypting files.

Once the installation is complete and you see the Kleopatra icon on your desktop or app menu, double click to launch. Kleopatra will open to a window inviting you to create a new key pair.

Click the New Key Pair button and follow the wizard prompts to generate your key pair. The wizard will guide you through the steps until you get to the Finish step. Click Finish to create your key pair. The keypair with your name and email address will appear in the window. Note that you can create as many key pairs as you need from File > New Key Pair.

To copy your public key, double click on the key name in the list, and click the Export button in the window that appears.

Your public key is the entire contents of the text that begins with:
-----BEGIN PGP PUBLIC KEY BLOCK-----
and ends with:
-----END PGP PUBLIC KEY BLOCK-----

Right-click on the key contents and choose Select All, then right-click again and choose Copy to copy the entire block. The copied key can now be pasted into the Public key field by an administrator when enabling GPG Encryption on a Files.com folder.

macOS

The GPG app we will use for this tutorial is GPG Suite. You can learn about and download this toolset here. Download and install the app just as you do any other app for macOS. The installer will install an app called GPG Keychain. Once installation is complete, you can launch the app from your Launchpad or double click it in your Applications folder.

GPG Keychain opens to a window showing a list of current keys (one will appear by default, created by the GPG Tools team - leave that there).

To generate a new key pair, click on the New key icon in the upper left corner of the window.

Fill in the information form and choose a strong password.

NOTE: Be sure to keep a record of the password in a safe place such as a password manager, as this will be required to decrypt files using this keypair.

GPG Keychain will allow you to proceed with the key generation without using a password, but this is less secure.

When you have the form data entered, click the Generate Key button to finish the process.

Your new keys will appear in the list.

To copy your public key, select the key by name by clicking on it in the list view, then click the Export key icon in the upper left corner. GPG Keychain will prepare to export an .asc file containing your public key (you can also check the box to include the private or “secret” key if you need to provide that to another person).

In the Save As window that appears, navigate to the location where you would like the exported .asc file to save, then click Save.

You will see an acknowledgement that the keys were exported.

Navigate to the location you chose to save the file.

Select the file and open it with TextEdit or a similar text editor.

You will see the public key (and the private/secret key below if you selected that option for the export).

Copy the entire public key block. The copied key can now be pasted into the Public key field by an administrator when enabling GPG Encryption on a Files.com folder.

Linux

This tutorial will show how to generate GPG keys using the GnuPG command line tools for Linux.

Install GnuPG
Run the command below from a terminal to install GnuPG.

On deb or apt based distributions (Debian, Ubuntu, Mint):

sudo apt install gnupg

On rpm or yum based distributions (Fedora, CentOS, RHEL):

sudo yum install gnupg

Generate a GPG key pair
Run this command to generate your GPG key pair:

gpg --full-generate-key

At the prompt, specify the kind of key you want, or press ENTER to accept the default (RSA and RSA).

When prompted, enter your desired keysize. We recommend the maximum of 4096.

Next, specify how long the key should be valid for, or press ENTER to have the key never expire, and verify that your selections are correct.

When prompted, enter your real name, email address, and an optional comment if desired. Confirm your entries are correct by typing O (for Okay) and pressing ENTER.

Lastly, type a secure passphrase to protect your GPG key when prompted.

Your GPG key pair is now generated. Note your key ID from the output:

gpg: key 1655A54E2B4AD8A9 marked as ultimately trusted

In the example above, the GPG key ID is 1655A54E2B4AD8A9.

Copy your GPG public key

Enter the command below to output your public key, replacing the example ID with your GPG key ID.

gpg --armor --export 1655A54E2B4AD8A9

Highlight and copy your GPG key, beginning with:
-----BEGIN PGP PUBLIC KEY BLOCK-----
and ending with:
-----END PGP PUBLIC KEY BLOCK-----

The copied key can now be pasted into the Public key field by an administrator when enabling GPG Encryption on a Files.com folder.