 Okay, so this video is going to be on GNU-PG, the GNU Privacy Guard, and how to encrypt basic files and stuff like that in Linux. So what is the GNU Privacy Guard? Well, it is a program that comes on basically every Linux distribution. And it is a tool for generating keys that you can encrypt things with and identify yourself with. It's used all the time on your computer, even if you don't know that it's being used in your package manager and stuff like that. So in this video, we're going to encrypt some files, do some basic stuff in that. But in order to do that, we actually have to generate a key pair. So a key pair is, of course, two keys. There's going to be a private one and a public one. The public, of course, is the one you can show to other people. The private one is the one that basically unlocks everything you lock with that. So in this video, we are going to generate one of those. And it's a pretty easy process. In fact, it's really just one command and a menu. So one thing you should know is some distros will have GPG, some will have GPG2. They're going to work the same for our purposes here. Just one is, you know, earlier than the other. Some distros may have both. But I am going to run the important command is GPG or GPG2 full gen key. That's what we're going to run. Now I'm going to go ahead and run that, and that's just going to create the GNU PG files or the directory that it's going to keep everything in. Now it's going to ask you, what kind of key do you want to create? We're just going to pick RSA, RSA, that's the default selection. You also get to choose how many bits are going to be in your key. So in terms of, you know, how easy it can be to crack your key, it's always better to have more bits. So 4096 would be extra safe. Since it takes a little longer to generate one of those keys and since I'm doing a video, I'm just going to say 2048. You could do 1024, but it's always better to go with longer keys. I mean, so far as I know, it's just, you know, more secure. But I'm going to go with the not as long one just because we're in a video. So then you can choose when your key expires. Now for ease sake, it might be okay to have a key that never expires, but you're pretty much going to want some kind of expiration date on your key. And that's just because if your computer is compromised, and of course your file system with your key on it is compromised, you know, that there will come a point where that key expires. So you don't have to worry about after that. Now again, for the purposes of this video, I'm just going to say zero whatever doesn't expire. You might want to say, you know, six months or, you know, six M for six months or something like that. But I'm just going to say zero here. So I'm going to confirm all that. And then you need to actually give an identification. You can just identify yourself, but by whatever you identify yourself with, I'm going to put my real name. And you also need to give an email. This email is not going to, you're not going to have, it's not going to send anything to your email right now, but this is more or less just for identification purposes. And I'm going to put that in. We can also put a comment. It doesn't really matter for this. So I confirm, I'll say OK. And now it's going to ask for a password. I am going to put in a password. I'm putting in a good password, even though, again, this is just a video. I'm not actually going to use this key. Now you'll see down here, it says, oh, well, OK. Well, maybe I should explain what this is actually doing. So it didn't really matter for us because it's already done. But what basically your system needs to do to generate this key is generate a certain amount of entropy. So if you're generating a key that's 40, 96 bits or whatever, it's going to want you to basically mash on the keyboard, open a bunch of programs while it's loading, while it's actually making the key pair just to throw in randomness into the system. But ours actually finished really quickly. So that's fine. So that's actually it. You now have a GPG key pair. So you might wonder what that's for. Now, the reason I'm doing this video is the next video I'm going to put out on my Neomut config. You actually need a GPG pair to encrypt your password safely. But I'm going to show you how to actually encrypt files generally using a GPG key pair. So let's actually we'll create a file. Actually, we'll we'll echo, you know, a secret. So this is a secret, and we're going to put the secret in something called file. So there is now a file down here, and we can open it up. It says this is a secret. So if we want to encrypt a file, we can use GPG to encrypt it. So how you do that is just GPG, and you need to set two things. One is the R option. And the R option is for the recipient, whoever this, you know, the the encryption, you're encrypting this for someone else to view. Now in this situation, we're encrypting it for ourselves. So what you should put for the recipient is whatever email you identified yourself as in your GPG key pair. So I'm encrypting it with for my email. So the recipient is that. And then you just say, give it the E option and choose whatever file you want to encrypt. So I'm going to say, all right. So now you'll see the file is still here. It's still, you know, open secrets right here. But there's now a GPG file. And this GPG file, this is an encrypted version of your original file. So now, so basically this file, you could put this up on the internet, and no one would know what it was, only you could decrypt it. So what we, in practice, what you're going to do, of course, is you're going, you don't need to recursively remove that, but you need, you can remove the original file. So now that original file, I should have shredded and then you'd it, but you know, whatever. You can get rid of that file. Now that file's gone. Now we don't need to worry about it. So now, you know, your friend Billy could be on your computer and he's never going to find your secret. Now how your secret will be revealed is if you write GPG and then the D option and then give it a file GPG. Now D of course is decrypt. If you run that, what it's, what's going to happen is it's going to ask for your password, your GPG password that you put in when you were actually creating your key. So I'm just going to put that in. And once you do that, it will actually print out what the secret was. Here it is. That's the contents of the file. In fact, we can put that in another file, you know, new file. And we can see that of course that is, there it is. So notice that if I run, if I run decrypt a couple times, it's not going to ask me for a password every time. And that's because once you have cached your password, there's a certain period for which you don't have to put it in again and again. So that's so if you, you know, you're running a bash script that's decrypting a whole bunch of files, it doesn't have to ask for your password every single time. Now you can change those settings. Now as it is right now, I have to put in a password, you know, whenever I first decrypt something, I need to put in my password in order to, you know, actually decrypt that. You can set it so you can use something like panGPG, panGPG to, you know, automatically log into your GPG key when you log into the computer. Or you can make it so that your sign-in never expires. So if I sit here for, I don't know what the default is, like 10 minutes or something like that, and I try to decrypt it again, it's going to ask me for my password. You can change those settings as well. So just know that. But anyway, this is pretty much all I wanted to talk about in this video. Again, basic decryption, how to make a GPG pair, very simple stuff. But anyway, hope you learned something and I'll see you guys in the next video.