How and Why to Use GPG in Slack

What is GPG? GPG stands for GNU Privacy Guard (gnupg.org).

GPG is a way to securely encrypt and decrypt text. For example, say you want to share a username, password, or any other sensitive information with a trusted person via Slack, GPG allows you to send that message securely. You never know if Slack could get hacked again.

To leverage this secure messaging both sender and recipient require a private key.

Setup:

To generate a private key, download GPG tools at gpgtools.org.

Once you’ve generated a new key pair upload your public key to a key server so that others can find it.

Encrypt the message:

Create a new text file and type your message

Go to Finder, locate file, right click, scroll down to services, and select OpenPGP: Encrypt File.

A prompt will show asking who the message is for. You need the public key of your recipient.

Because I have Jake’s public key I’m able to select him as a recipient – only his private key will open the message.

I send Jake the gpg file in Slack,

To read the message Jake needs to decrypt it.

Decrypt the message: type `gpg` in the terminal.

Paste the contents of the encrypted message

Should look something like this:

then hit enter.

You can also decrypt from the command line like Jake’s example by typing `gpg —decrypt —armor {name-of-file}

GPG has everything you need to protect your files and implementing it correctly can help you secure your communications with clients, coworkers and partners alike. This is not only helpful with private information, but even when dealing with regular day to day messaging.

Related Posts