All shell commands will be in code tags. Output from GPG to the terminal will be in quote tags. My comments are simply text. To use GPG you need to generate a key pair. This consists of a public key and a private key. It is safe to give the public key to anyone who you correspond with, the private key should not be shared with anyone else. You can think of the public key as being an open lock, which you give to the people who you want to be able to communicate securely with you. You can image it as the people you have shared your open lock (public key) with putting their messages to you in a secure box and locking it shut by closing your open lock on it. Now even they can not open the lock. You keep the private key yourself, in a combination safe. The combination to the safe is your passphrase. After providing your passphrase, the combination safe is opened and the private key is used to unlock you closed lock and take the message out. GPG doesn't actually require that you understand much of this, simply that you know the basics of public and private keys. Let's generate a key pair from the command line: you will be presented with a series of questions regarding the key you are generating This is simply asking you which encryption algorithms you would like to use for session key encryption and signature. It doesn't particularly matter the selection you make as all of the options are secure, however you will want to select either option one or two as three and four are used for signatures only. I will go with the default of RSA and RSA, so I enter 1 and press enter. Now you will be asked the strength you would like to make the keys. Generally you will want to go with the strongest possible choice, 1,024 bit keys are currently considered to be somewhat secure but they are probably crackable by agencies such as NSA and will not be secure against less powerful attackers for very long. I will select 4,096, which should remain secure for quite a long time. Now you will be asked how long the key should remain valid for Chances are that you want your key to always be recognized as valid by the people you communicate with. I always put 0 here, as I have thus far never desired a key that expires. Now you will be asked the name and email address characteristics you would like associated with the key For real name you should absolutely put the same thing as the pseudonym you use the key for. Failure to do this will result in pissed off vendors and may very well end up with you being ignored, as nobody wants to spend the time required to figure out which key belongs to you. For email address you can either put a legitimate (anonymous) email address that you can be reached at, or something made up. I generally make something up, although using a real email address is a good way to keep in touch in case your regular channel of communication is ever compromised. You will be asked for any additional comment that you would like to be associated with your key now you will be presented with the choices you have selected and given a chance to change them if you desire to do so. I am happy with all of this so I will select O. Additionally, a GUI input box may pop up. You will need to enter your passphrase twice. Your passphrase should, at a bare minimum, be longer than eight characters. ideally, it will be an entire random sentence consisting of multiple words with out care being taken for grammatical correctness or making sense. At this point it is wise to randomly type on your keyboard into the terminal to help speed up the entropy gathering process. This is especially important if you are in a virtual machine, as there is not a mechanical hard drive to be used a source of randomness. During the process of gathering entropy, mathematic symbols are printed to the screen, seemingly for your amusement. Eventually your key will be generated, as signaled by something like this note: this doesn't match the key I actually generated because my terminal fucked up. This doesn't usually happen . Now that you have generated your keys, you need to be able to get your public key to give to the people who you would like to be able to securely communicate with you. Remember, you use peoples public keys to encrypt messages to them, and they use your public key to encrypt messages to you. Private keys are used in the message decryption process. let's export the public key -a signals that the output is ascii armored and --export is the flag to export a public key. You need to make sure to specify the e-mail address of the public key you would like to export or else it will export all of your public keys as one huge ascii armor block. I believe it is also possible to do it by username, however it seems to easily be confused, as when I specified it export kmfkewm it was exporting my real key which has the username of KmfkeWm, but when I specify by email address it works as expected. When people want you to be able to send them encrypted messages they will send you a copy of their public keys and you will need to import them. This is an easy process, feel free to test it with the key I have listed above. First, copy the key so that it is in your clipboard. now paste the key to the terminal.  note: ctrl represents the ctrl key, you do not type it in. Now that people have your public key, they are able to encrypt messages to you. Also, now that you have their public key, you can encrypt messages to them. Let's encrypt a message, in this case I will simply encrypt the message to myself. Allegedly you can specify users by username, however the same issue with kMfkeWm vs kmfkewm seems to be present, so it is best to select users by their e-mail address. Alternatively, you can select them by their full user ID. Let's take a moment to side track the current train of thought to show how to get a list of the full user ID's of people whose public keys you have: The UID consists of everything after UID up to and including the closing > so let's get back to encrypting messages. Since it asked my for the UID of the recipient I wish to encrypt the message to.... At this point I could select to encrypt the message for multiple recipients, however I do not desire to do this so I simply hit the enter key with a blank line to signal that I have selected all desired recipients. Now type your message in This is the ciphertext, and it has been encrypted to my key. Of course, it will be encrypted for whoever you selected when you entered a UID. Sometimes you will get encrypted messages and need to decrypt them. Since I just encrypted a message to myself I will now go through the process of decrypting it. You are presented with a blank line. Simply paste the ciphertext that you wish to decrypt you will likely be automatically prompted for your password at this point, possibly in the terminal or possibly in a pop up GUI input box. Enter your password. To view the decrypted message you may have to hit ctrl d That sums up the basic commands required to use GPG from the command line. Of course you can do a lot more with GPG, symmetric encryption, hashing, file encryption, signatures and validation, etc, but I am not going to cover all of those unless people specifically request that I do. I hope that this shows that using GPG from the command line is trivial and that using GPG in general is trivial. I believe that this tutorial is fully cross platform. You do not need any fancy GUI or OS specific bullshit to make full use of GPG, and in fact I find that controlling it entirely from the command line is far less of a hassle. It is also far more secure as now an attacker sending you malicious ciphertexts can only hope to exploit a vulnerability in the core GPG engine, instead of the GUI package or wrapper you are using for GPG.