Thoughts/Tips/Tricks/Tutorial on Pgp
Table of Contents
Intro
I will write stuff here soon c:
What is Pgp?
PGP, or Pretty Good Privacy, is an encryption program. Today the name mostly refers to the OpenPGP standard it grew into and to the programs that implement it, such as GnuPG. It is most commonly used for signing, encrypting and decrypting email, but it works just as well for encrypting and decrypting files and for signing arbitrary text.
The Public Key
The public key is the key you share with others so that they can encrypt things to you and verify what you have signed. Because it is public, you can hand it out over an insecure channel (email, a website, a key server). What matters is not that it stays secret but that the copy your friend receives is really yours, which is what the fingerprint check below is for.
Public Key Fingerprint
The public key fingerprint is a short hash of the full public key (40 hex digits for the current v4 keys). It lets two people check that they are looking at the same key without comparing every byte, which is how you detect a key that was swapped or tampered with in transit. Always compare the whole fingerprint, never just the short key ID at the end of it, because short key IDs are cheap to collide.
The Private Key
The private key is the key you use to decrypt and sign things. It must never be shared with anyone, under any circumstances. Protect it with a strong passphrase: if someone gets hold of the key file they still cannot use it without the passphrase, and a weak one can be brute-forced offline at leisure.
Revocation Certificate
Getting Started
Installing GnuPG
GnuPG (the gpg command) is the most popular implementation of the OpenPGP standard, which is why this guide uses it. Here is how to install it:
Arch: # pacman -S gnupg
Debian: # apt-get install gnupg
Void: # xbps-install gnupg
Fedora: # dnf install gnupg
FreeBSD: # pkg install gnupg
The # prompt means these commands need root permissions: run them through sudo or doas, or as the root user.
Generating a key pair
To use PGP you must generate a key pair, which consists of a public key and a private key. To do that, run this command:
$ gpg --full-gen-key
Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
  (14) Existing key from card
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (3072) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: Your-online-username-or-alias
Email address: yourealemail@random.tld
Comment: Random comment
You selected this USER-ID:
    "Your-online-username-or-alias (Random comment) <yourealemail@random.tld>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
After this, enter a strong passphrase to protect your private key. You will be prompted for it whenever you do something that needs the private key, such as signing or decrypting. The walkthrough above picks 0 (no expiry) to keep things simple; in practice an expiry of a year or two is the safer choice, because it can be extended at any time with gpg --edit-key but limits the damage if you ever lose both the key and its revocation certificate.
Importing other people’s public key
To import your friend's public key, just run this command:
$ gpg --import bob_public_key.asc
Verifying public key fingerprint
To make sure the public key your friend (Bob) sent you has not been tampered with, run the following command:
$ gpg --fingerprint bob@random.tld
The output will look something like this:
pub   rsa3072 2022-06-04 [SC]
      53C8 E08C 0D90 2A15 6F70  E60F 3B3A 149C 22E3 F797   # this line is the fingerprint
uid           [ unknown] Bob (comment) <bob@random.tld>
sub   rsa3072 2022-06-05 [E]
Now write down the fingerprint, then ask Bob to run the same command on his side and read his fingerprint to you. Do this over a different channel than the one the key came through (a phone call, a video chat, in person), because whoever could swap the key in transit could swap the fingerprint on the same channel just as easily. If every group matches, the key you hold really is Bob's and you can use it; if anything differs, delete it and ask Bob for the key again. The [ unknown] in the output means gpg does not yet know you have checked the key; until you tell it so (see the trust section below), it will warn you that there is no assurance the key belongs to Bob every time you encrypt to it.
Editing public key trust level
Coming soon™
Encrypting Stuff
Now that you have verified that your friend’s key has not been tampered with, you can encrypt files to them :D
To encrypt files run this command:
$ gpg --encrypt --armor -r bob@random.tld top_secret_message.txt
This turns your file into top_secret_message.txt.asc, an ASCII-armored file that you send to Bob. It can only be decrypted by Bob, or by whoever holds Bob's private key. That includes you: once encrypted, not even you can decrypt the file, unless you also listed yourself as a recipient with a second -r. Note that encryption alone does not prove the message came from you; add --sign to the command if Bob should be able to verify the sender.
Decrypting Stuff
Bob has received the encrypted file you sent him. To decrypt it, he just runs:
$ gpg --decrypt top_secret_message.txt.asc
This prints the plaintext to the terminal; to write it to a file instead, add -o top_secret_message.txt (short for --output) before the file name.
Signing Files
Signing Plaintext
Signing Keys/Web Of Trust (Advanced)
Software using PGP
Claws Mail
Pass
Dino
Gui clients
Resources/References
https://eldritchdata.neocities.org/CGFTPU/AnIntroductionToPGP.html
https://web.archive.org/web/20220613215842/https://kill-9.xyz/guides/pgp (rip qorg11)
https://www.gnupg.org/gph/en/manual/x334.html
https://www.unixsheikh.com/tutorials/gnupg-tutorial.html
https://gist.github.com/sepehr/5a2a8949afa7e74d0118