2

I am totally new to PGP, and I would like to know how I can initiate a mail exchange with it.

I created my public/private keys, and posted my private key on the MIT PGP Public Key Server. I can find it on the site now.

What's next? How do I create the encrypted message? (without the need of any software. I just want to understand)

I'm thinking about:

# I write my message
$ vim message
$ cat message
Hello, can you read this?

# Add the fingerprint of my public key so the recipient will be able to find the public key on pgp.mit.edu.
$ gpg --fingerprint my-mail-address >> message

# Create the message (I imported the recipient's public key)
$ cat message | gpg --encrypt --armor -r recipient@mail.address
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1

[Base64]
-----END PGP MESSAGE-----

Is this right?

Miky98

1 Answer

1

Apart from useless use of cat (<message gpg --encrypt [...] or gpg --encrypt [...] message would do, too) I don't see a real problem here. Adding your fingerprint is sufficient; as an alternative you could also --sign the document (the signature also includes it).

The only thing you shouldn't do is reference your own key using your user ID; provide your (long) key ID or fingerprint here. Somebody else could create another key with the same user ID, and send you some kind of "drive-by-download" message signed with the fake key, which would result in you possibly downloading it without knowledge.

Jens Erat
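The user-ID ambiguity described in the answer above, as an added example that is not part of the original answer: it parses a constructed listing in the layout of `gpg --list-keys --with-colons` and shows that a user ID can select more than one key while a fingerprint selects exactly one. The function names are hypothetical, all keys and addresses are made up, and the substring matching is a simplification of gpg's own user-ID lookup.

```python
from collections import defaultdict

# Constructed listing in the layout of `gpg --list-keys --with-colons`
# (field 10 is the fingerprint on "fpr" records, the user ID on "uid" records).
SAMPLE_LISTING = """\
pub:u:4096:1:AAAAAAAAAAAAAAAA:1400000000:::u:::scESC:
fpr:::::::::111111111111111111111111AAAAAAAAAAAAAAAA:
uid:u::::1400000000::HASH1::Alice Example <alice@example.org>:
sub:u:4096:1:BBBBBBBBBBBBBBBB:1400000000::::::e:
fpr:::::::::444444444444444444444444BBBBBBBBBBBBBBBB:
pub:-:2048:1:CCCCCCCCCCCCCCCC:1500000000:::-:::scESC:
fpr:::::::::222222222222222222222222CCCCCCCCCCCCCCCC:
uid:-::::1500000000::HASH2::Alice Example <alice@example.org>:
pub:f:4096:1:DDDDDDDDDDDDDDDD:1450000000:::-:::scESC:
fpr:::::::::333333333333333333333333DDDDDDDDDDDDDDDD:
uid:f::::1450000000::HASH3::Bob Example <bob@example.org>:
"""

def parse_keys(listing):
    """Map each primary-key fingerprint to the list of its user IDs."""
    keys, current, last = defaultdict(list), None, None
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] in ("pub", "sub"):
            last = f[0]
            if f[0] == "pub":
                current = None          # a new primary key starts here
        elif f[0] == "fpr" and last == "pub" and current is None:
            current = f[9]              # subkey fingerprints are skipped
            keys[current]               # register the key even without a uid
        elif f[0] == "uid" and current:
            keys[current].append(f[9])
    return dict(keys)

def resolve(keys, selector):
    """Fingerprints a selector matches: exact fingerprint, else user-ID substring."""
    wanted = selector.replace(" ", "").upper()
    if wanted in keys:
        return [wanted]
    return sorted(fp for fp, uids in keys.items()
                  if any(selector.lower() in u.lower() for u in uids))

def colliding_user_ids(keys):
    """User IDs claimed by more than one primary key."""
    owners = defaultdict(set)
    for fp, uids in keys.items():
        for uid in uids:
            owners[uid].add(fp)
    return {u: sorted(fps) for u, fps in owners.items() if len(fps) > 1}
```

Running `colliding_user_ids(parse_keys(...))` over a real keyring listing flags any user ID for which a fingerprint comparison is needed before trusting a key.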