Perfect OpSEC - Become Invisible Online
This series is for educational purposes only. To get back to top-level table click here.
PGP
Usage of PGP is well documented in the community, so I really won't go into explaining what it is or why we should use it, instead I'll provide resources for your to go learn from and a TLDR on how to set it up for yourself.
TLDR Setup
Important:
- Keep the private key OFF your computer, keep it on a removable drive. You should be in Whonix or Tails, so just do the following:
gpg --full-gen-key
Select:
- RSA and RSA
- 4096
- Never expire is fine
- Put in a bunch of random fake information obviously - careful of author profiling. Export your public key:
gpg --export -a "USERNAME"
Find username of keys you setup:
gpg --list-keys
Verifying a message sent to you
gpg --verify
Sending a message to someone else
You have their public key, which should look like this:
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGDgly0BEAC5PyMpaLdhte3k/UVM8NvhRgWQVU1u3GfeGU4FpcJurFnW97dT
R9i4A3yqA2+x7Ap16Umg1Fr00rdJXk4ihFjJ1m153U3/196YAof4ViWT0FhhBi+P
z3fzBqyX+/AwBXBueG2WjSXZmscBVsTwuddzNDSMmczWt28aDtU+RhD7YsGHrCN3
U1R1rb7fBtrv3d/Gpt5UOQ6CVy83cJ6pj+/8YagC0aVO7z/durdE6XqkMouivkms
GcPSqMzwoG2iWQmeMZ+X9X2gDvaPGDOE6iEuIb4BSOzj+RPQDwkPWEI8+MP3N85p
Jx4/BHH0b9smgdMG5OI0hghgs+cNW6waOOY2czRSzfrzr8+FDMh/otBjBWFuMdJJ
LsBiYas7xxSYB5CY/Ygz1uLEWNZ7lN3v+cINdtW5qnf7otSnRhGaWtpeIBplXst0
JG1qUzMFUX/4BxaYbIHp4FmhwVjzYZxb2Zlr0D7W+3rLg91WlGe7ENTQme9qjX42
9wlylqyE2jS0/utXrlwcpzjd2E8++2O4clabwQaVPUo5ZjfJgrqpQX14o6bjGYGf
ZJ+rX2wtQCYfxzUxFuGdi6X/le8UeeYm2QTNIkwWGCrp+4efJKdtrYx9YqmWPSBO
/1TOW2wPZ+di0qhoyyb9lxQWSHYMpkWKevFqPFRFsGFrvnro12prGELGMwARAQAB
tDFGdW5zaGluZSAoSGFja1Rvd24gQWRtaW4pIDxoYWNrdG93bkBlbHVkZW1haWwu
Y2M+iQJSBBMBCAA8FiEE5fctHiV2LbeMGexzwsY/VqsWez0FAmDgly0CGwMFCwkI
BwIDIgIBBhUKCQgLAgQWAgMBAh4HAheAAAoJEMLGP1arFns9eLAP/0zcUw/Z+04O
3zoeQKiGJjmDbpdIL+YmfM/jtQTqqryQ5I0oJTML7oweIIwM1M5Ku4zCmds/wmaY
IgT4RCnB28pKSixemCT+6RCkJpIN0x4bvhcxJjiMRuhSv/sIAi+HUW0RmgpcqEww
Cayblz7rfMMTfJY0A0KP0ers9CKO2G4AUr9IEfLaJZ6Qsayq4+CJ7zEbtNgCVtqC
YULQfvlafCXcBD8cgA4V8T0n5aJqmM/IDJ2bigPCetzrXgFW1wq33n3QGSSmV55O
1PC2qzTsukxXCkGTXxitU4esN40I1rdDzb9swee7ZoxeZ3GsVB/AlQNjzxsVIq7T
cyzIQdOWBVlv1SWqy+ZkDGaab7YCIZxh5tr+1VGg3NaBTy/r7fEhSEY1H8FysV64
y4apbAyVWw6XssWLbr9Sy0IatVyi4pQiigHWfBdRSh5q+3Bp8XoGnQJLjLpvfL9B
iiS3h1TEsR/TlrCIZusS9GX3MOEO1eDNgL/S1i6pBbhKEuCfCV2WlHFFaxWrGmNo
SryHwwIdx/dwYTAriFt7wVa6n195H/XfY+8PaQweGydoZZB9xSnDN812jCYwex4w
qaTlqWVTWNq4a5fdmkiLd9HQB5jZdGgnRfK1/T9IL50BfAXltMNhsqAZ0dXyokd+
QSq3FAYsjDaa/McK7JaaifOb78W/PHlluQINBGDgly0BEADaEKjZNkEb7quNEyky
KZXEGmhrS3Qc6/0/2lKYCEgSxHnHksZQy1/EL9OAtyQ5WHOFmPdfMi+t/pXu2AFd
4IJh0j1mxu34LaHdtSQeL9vqmq79sehHR8jV4c0Xy2DQYXbyUBXJnoBKn83Sax8I
xaP8u/MiEQZxlKPCd6MVAwVhTNd+eV/1KGlZ+x0OD92ig+x9VXb/CGmZdcMRxYs1
gGW+2iNBpUMvDQgqNJl1q+/ZN7qJWg8hxACaKDnwNEU7cj4IIZgU5h63ymkr7yho
dxyxmLKTpxGv7gfNe86xvQW/DmgyDNtuNWrBUOGo0zULAF+imAD8FY9asDooU/oU
5MpTA/Snnjz67BASOf3N+7pRFEpEQfoqEjVhLUIIC3g1nCcxaqyJheKwoh56Conu
rasH6bPPd6pCWrFqPzHFkQxcgAEgXnkpaib7s0zecjXN6X6uRet2zUhMiIESyBgM
5ZgeAFJxbr5dPfGPVK3/GLl/XpQBgsAvLcEgqmtsw0Y/ulb8/N0wgJ/qktQDNQw9
xl0hvtrSTpQf0YbKr/Jdm5LuIdjNaRsKxVjOCj7ot6iw565UTmfbM9NaVz4SoeHr
hV30WCUGrlSQyBcJeW46VGi3E0siLMrWL/PwWLBj1X+yQe0kIbr2frDKxKPsJIWM
LikDE1GOHL/KbyrSveDs/64FAQARAQABiQI2BBgBCAAgFiEE5fctHiV2LbeMGexz
wsY/VqsWez0FAmDgly0CGwwACgkQwsY/VqsWez3uJw/+PdUf1nCvyMEXgDaSAI0Y
RquRF37mJeV6E1+gPxmqOckweSXYbG7Py3JhrUmIRukINeQTkMFI5VMAvY6KipuL
gpP67JzLPY8VnwYXgfuRx2hMm6N59W3HnIje93iFu43VSIEdSZgZX+UT4QB/L949
SsKI47N7FhwHUWUZOzJU1uVIBkHJX1GqQPvXng6bjmHf8vU9bI1DVMkdWxKU+oO1
+npiI8qcOw3AIKXqq5UV25KIwGXh1luDAOcf0uFZBdIMmcooypAwrjdJAqeIgCKA
woGFh8Ts8bF2RfRb5aQCeoRFfoPS9+DwuUuJW90QTaSKtP4NgN0Z+8U813UUdCxE
xrmpn3imfXhj/kxRwqnMuOufAO1yN0Os/qfNMm7LpRXbRkeClw8b7TO3Uu0j05Gg
wm/8cIifxYRyS896gh7XyM/s+X7L7PndhxyR72ikSMD82nJ1GJ8WHH1RvyEhIdpo
fTFlHCUDXxZ8awL546ScRljp0KGQDlx+DoaMlocDTsqYarryTws2uKwyoc1VGmm/
RhomFXR0tsewLQClnPecbU6XVfHZST3lzY/WPVcFcJ8bqtudw8VJ7LjJZT4LxSWV
gp1DTAS9ZeGMtJCu2SOA4HakqvL4bUlsaUj/PAG/5tDgFRDyGsCIJJ/Q5FVA6QYe
TNiq2AFFLrEYhNTJFYg9hNw=
=ts4W
-----END PGP PUBLIC KEY BLOCK-----
Import their key
gpg --import
...
gpg: key C2C63F56AB167B3D: public key "Funshine (HackTown Admin) " imported
Use it to sign your message:
gpg --encrypt --armor -r C2C63F56AB167B3D
Decrypt message sent to you
gpg -d
OPSec Warnings
- When you import a PGP Key, it can reach out to PGP servers to validate it. Make sure you're not being dumb and doing any of this outside your wonderful setup.
- Always put a date in any message you sign - otherwise anyone can copy that message and send it to someone else impersonating you!