CONTACT ME USING GPG

2024-12-16
This is a short guide on how to get in touch with me using GPG to encrypt the content of the email or to verify the digital signature of my responses.

Verify §

First of all, be sure to have a recent version of GnuPG[1] installed on your computer. This guide has been tested using GnuPG 2.4.6 with libgcrypt 1.10.3; any modern version of this software should also work.

After that, import my public GPG key using the following command[2]:

$ curl -sL https://marcocetica.com/static/misc/gpg.txt | gpg --import
Then check whether the key has been successfully imported using the following command:

$ gpg --list-keys --with-fingerprint
        ------------------------
        pub   ed25519 2023-10-27 [SC]
        AC36 3A3C 4F73 1F14 EBDD  F509 4506 0A94 9E90 D0FD
        uid           [ unknown] Marco Cetica <email@marcocetica.com>
        sub   cv25519 2023-10-27 [E]
Specifically, check whether the fingerprint matches the one listed above. If they differ, the key must not be trusted. Otherwise, tell GPG to trust my public key by signing it with your private one:

$ gpg --sign-key email@marcocetica.com
Are you sure that you want to sign this key with your
key "John Doe <johndoe@gmail.com>" (37FC3CC7CD672F4C)

Really sign? (y/N) y
Then, copy the body of the message into a text file called mail.txt, for instance:

$ cat mail.txt
Hi John,

Thanks for reaching out. The correction you have proposed has been
pushed into production and should already be available on the website.

Thanks again for your help.

Greetings,
Marco Cetica.
And the signature of the message inside another file called mail.txt.asc, that is:

$ cat mail.txt.asc

-----BEGIN PGP SIGNATURE-----

iHUEABYKAB0WIQSsNjo8T3MfFOvd9QlFBgqUnpDQ/QUCZ2A7YAAKCRBFBgqUnpDQ
/UC8AP9JTJ2YztLM2vyJMwMfHFL4pzXs2unQVwKuvOPoc763OAD/U5MYTS32mPKB
K3tx9hLu1IXbHjlZDpR8wiRya7E6TgU=
=kNpW
-----END PGP SIGNATURE-----
Now verify the authenticity of the message by issuing:

$ gpg --verify mail.txt.asc mail.txt
You should get something like this:

gpg: Signature made Mon Dec 16 14:38:24 2024 UTC
gpg: using EDDSA key AC363A3C4F731F14EBDDF50945060A949E90D0FD
[...]
Good signature from "Marco Cetica <email@marcocetica.com>" [full]
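
For scripted use, the fingerprint comparison can be done on GnuPG's machine-readable status output (--status-fd) instead of by reading the text above, since gpg reports a good signature for any key present in your keyring. The following is an added example, not part of the original guide; the function names check_status and verify_pinned are hypothetical and the sample status lines are constructed for illustration.

```shell
#!/bin/sh
# Fingerprint of the key as published in this guide.
EXPECTED_FPR="AC363A3C4F731F14EBDDF50945060A949E90D0FD"

# Read `gpg --status-fd` lines on stdin. Succeed only if a VALIDSIG line
# names the expected primary-key fingerprint and no failure status appears.
check_status() {
    awk -v want="$1" '
        $1 != "[GNUPG:]" { next }
        $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
        $2 == "VALIDSIG" {
            # Field 12 is the primary-key fingerprint when gpg emits it;
            # otherwise fall back to the signing-key fingerprint (field 3).
            fpr = (NF >= 12) ? $12 : $3
            if (toupper(fpr) == toupper(want)) ok = 1; else bad = 1
        }
        END { if (ok && !bad) exit 0; exit 1 }
    '
}

# Verify a detached signature ($1) over a file ($2) against the pinned key.
verify_pinned() {
    gpg --batch --status-fd 1 --verify "$1" "$2" 2>/dev/null |
        check_status "$EXPECTED_FPR"
}

# Constructed sample status output (not captured from a real run).
SAMPLE_GOOD='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 45060A949E90D0FD Marco Cetica <email@marcocetica.com>
[GNUPG:] VALIDSIG AC363A3C4F731F14EBDDF50945060A949E90D0FD 2024-12-16 1734359904 0 4 0 22 10 00 AC363A3C4F731F14EBDDF50945060A949E90D0FD'

# Constructed: a valid signature, but from a different key in the keyring.
SAMPLE_OTHER='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Someone Else <someone@example.org>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2024-12-16 1734359904 0 4 0 22 10 00 0123456789ABCDEF0123456789ABCDEF01234567'

printf '%s\n' "$SAMPLE_GOOD" | check_status "$EXPECTED_FPR" \
    && echo "pinned key: accept"
printf '%s\n' "$SAMPLE_OTHER" | check_status "$EXPECTED_FPR" \
    || echo "other key: reject"
```

With GnuPG installed and the key imported, verify_pinned mail.txt.asc mail.txt returns 0 only when the signature was made by the pinned key.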

Encrypt §

Be sure to import, verify and trust my public key as shown in the VERIFY section. Then, encrypt your message using the following command:

$ gpg --encrypt --armor -r email@marcocetica.com mail.txt
Copy the content of mail.txt.asc to the body of the email:

$ cat mail.txt.asc
-----BEGIN PGP MESSAGE-----

hF4D2rf3qAdOwyUSAQdA23dEXdBAt4l9EkTOZ3e2l12xj7kx+pAU/vzvreMbSFww
0LOicOtYV0Q34mvwtFvBT3AKP9newAnz+hbBjrub/T6EOFo42bdN2lcEKE5Pb2Lx
0lwB4J55X96LdW3rO5rZtkOtZoi/3DplaAL6waHvtmS6bYqJZfdulyKswtjxkRgk
O0MbVKXX+zl1Bzm9n+3qBUfmTz4Rbt5KYREBREto+Ff/pY6oYNYzcwHnndHC0w==
=1OAg
-----END PGP MESSAGE-----
Be sure to attach (or link) your public key along with the encrypted message, otherwise I won't be able to send an encrypted response.

Decrypt §

As always, import, verify and trust my public key as shown in the VERIFY section. Then, copy the body of the email into a text file. For example:

$ cat secret_message.asc
-----BEGIN PGP MESSAGE-----
[...]
=G+Y3
-----END PGP MESSAGE-----
And finally decrypt it with the following command:

$ gpg --decrypt secret_message.asc
HEY, I've receieved your super secret message =)
gpg: Signature made Mon Dec 16 15:07:26 2024 UTC
gpg: using EDDSA key AC363A3C4F731F14EBDDF50945060A949E90D0FD
gpg: Good signature from "Marco Cetica <email@marcocetica.com>" [full]
This will both decrypt and verify the message using your private key and my public key, respectively.

References §

[1]: GPG Homepage

[2]: You can also find my public GPG key on Ubuntu's keyserver using email@marcocetica.com as my email address.