For the longest time, I haven't used PGP to encrypt my mails simply because I didn't know how to use PGP and how to implement it in E-Mail clients. Until now.
As you might've noticed from my contacts page, I have attached my PGP key to my website, but how do you send encrypted mail to sprinklednights the sprinklednights' way?
I'm gonna assume you know how to use the terminal and I'm gonna assume you use GPG.
First of all, if you haven't done that already, start with actually creating a GPG keypair:
$ gpg --full-gen-key
Select RSA and RSA (i.e. the first option), enter 4096 for the RSA key's length since it's the most secure of the sizes gpg offers, and enter 0 so that the key doesn't expire. Now enter your name and the E-Mail address you want to use to send encrypted E-Mails. Finally, it'll prompt you for a passphrase. MAKE SURE IT'S SECURE.
Now configure gpg:
$ $EDITOR ~/.gnupg/gpg.conf
Save and exit and run:
$ $EDITOR ~/.gnupg/gpg-agent.conf
allow-loopback-pinentry
This will be required later for getting a prompt when trying to decrypt an E-Mail.
Now set up aerc to integrate your PGP-keyring:
$ $EDITOR ~/.config/aerc/aerc.conf
pgp-provider = gpg
Save and exit and run:
$ mkdir ~/.local/share/aerc
If it doesn't exist already.
Enter the following commands:
$ gpg --export >> ~/.local/share/aerc/keyring.asc
$ gpg --export-secret-keys >> ~/.local/share/aerc/keyring.asc
Now, the way PGP works is that you have a public key and a private key. Keep the private key private. As for the public key, the recommended way to share it is to export it to a file:
$ gpg --export --armor myemail@account.com > mypublickey.asc
which you can attach to your E-Mails so that the recipients can send you encrypted E-Mails back.
To send encrypted mail to somebody, however, you need their public key first. Many websites publish their PGP public key alongside their E-Mail address, so you can download it and import it:
$ gpg --import recipient_public_key.asc
Finally, start aerc. When you're done composing a mail, aerc by default prompts you with Send this email?, at which point you first add your public key as an attachment (press a, and then enter the directory). Then, enter the commands:
:encrypt
:sign
If you receive the message Cannot encrypt, missing keys: EMAIL_ADDRESS, make sure you have imported their respective public key first.
To decrypt a received mail, enter:
:pipe gpg -r myemail@account.com -d
which, in case you haven't done it before, will prompt you to enter your gpg key passphrase.
After all of those steps, you should be able to send encrypted E-Mails with PGP :D
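The keyring export step above writes your secret keys into ~/.local/share/aerc/keyring.asc, so that file and its directory should be accessible to your user only. As an added example (not part of the original post), this script repeats the same two gpg exports under a restrictive umask and audits or tightens the permissions afterwards; the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: keep the aerc keyring private. Function names are illustrative.

# Print the octal permission bits of a path (GNU stat first, BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if group and others have no access at all (mode ends in 00).
is_private() {
    mode=$(mode_of "$1") || return 2
    case "$mode" in *00|0) return 0 ;; *) return 1 ;; esac
}

# Same two exports as in the post, but anything created here starts out private.
export_keyring() {
    (
        umask 077
        mkdir -p "$1"
        gpg --export >> "$1/keyring.asc"
        gpg --export-secret-keys >> "$1/keyring.asc"
    )
}

# Report on the directory and the keyring; fail if either is open to other users.
audit_keyring() {
    bad=0
    for p in "$1" "$1/keyring.asc"; do
        if [ ! -e "$p" ]; then
            echo "missing: $p"
        elif is_private "$p"; then
            echo "ok: $p"
        else
            echo "exposed (mode $(mode_of "$p")): $p"
            bad=1
        fi
    done
    [ "$bad" -eq 0 ]
}

# umask does not change files that already exist, so tighten them explicitly.
harden_keyring() {
    chmod 700 "$1"
    [ ! -f "$1/keyring.asc" ] || chmod 600 "$1/keyring.asc"
}

# Usage: sh keyring-check.sh ~/.local/share/aerc
if [ "$#" -gt 0 ]; then audit_keyring "$1"; fi
```

Run it with the keyring directory as its argument to audit it, or source it in your shell to call export_keyring or harden_keyring directly.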