Quote from: nomodeset on July 26, 2012, 04:30 pmKleopatracomes with GnuPG4win (http://gpg4win.org). It has a more pleasant interface, but is more prone to crashing. It should be available in the Quick Start menu after the program is installed. For more information see this guide http://dkn255hz262ypmii.onion/index.php?topic=131.0Guru has also uncovered a flaw with the default method Kleopatra generates OpenPGP keys such that while the program may be fine for general key management, it is not ideal for generating new keys. The problem is that it creates old-style Certification/Signing/Encryption keys instead of Certification/Signing keys with Encryption subkeys.Big kudos to Guru for discovering this bug!Quote from: nomodeset on July 26, 2012, 04:30 pmgpg via command-line interfacealways available, but slightly more cumbersome. On most systems, go to a command prompt and type the gpg command. On Windows, the command is placed in the %SystemDrive%\Progra~1\GNU\GnuPG\pub directory after it is installed.It's always worthwhile learning how to use GPG on the command line because it provides so many more options that way.Quote from: nomodeset on July 26, 2012, 04:30 pmSome Linux distros, such as TAILS or Libert Linux already have the necessary programs installed.Most distros have it by default (usually in /usr/bin/gpg), but it may not be the most recent version and may not always include a GUI. Both Debian and Red Hat based distros use GPG for authentication of packages (.deb and .rpm) in their package management systems.Quote from: nomodeset on July 26, 2012, 04:30 pmI recommend to always verify PGP signatures of the downloaded programs and think we missed this step here.I agree, but most people on this thread are learning to use it for the first time and haven't yet reached the point of verifying a file by the signature. Hopefully we'll get to that.