Convalesco

Growing stronger every day!

Archive for May 31st, 2008

GnuPG 2 with Mail.app on MacOSX


There are many reasons why we would like to have GnuPG installed on our systems, so I won't lose time explaining the “why” of this article!
First install MacPorts, following its documentation. The BSD system is a very powerful tool for our MacOSX system. Then learn how to use ports.
Afterwards, try this:

libertad:~ atma$ port search gnupg
qca-gnupg                      devel/qca-gnupg 2.0.0-beta2  Qt Cryptographic Architecture - openssl plugin
gnupg                          mail/gnupg     1.4.9        GNU pretty-good-privacy package
gnupg12                        mail/gnupg12   1.2.7        GNU Privacy Guard
gnupg2                         mail/gnupg2    2.0.9        GNU pretty-good-privacy package
p5-gnupg-interface             perl/p5-gnupg-interface 0.33         Perl interface to GnuPG
py-gnupg                       python/py-gnupg 0.3.2        GnuPGInterface is a Python module to interface with GnuPG
py25-gnupg                     python/py25-gnupg 0.3.2        GnuPGInterface is a Python module to interface with GnuPG

Now let’s install GnuPG 2.0, which is more secure and more recent anyway:

libertad:~ atma$ sudo port install gnupg2
Password:
--->  Fetching bison
--->  Attempting to fetch bison-2.3.tar.bz2 from http://ftp.gnu.org/gnu/bison
--->  Verifying checksum(s) for bison
--->  Extracting bison
--->  Configuring bison
--->  Building bison with target all
[...]
--->  Building gnupg2 with target all
--->  Staging gnupg2 into destroot
--->  Installing gnupg2 2.0.9_0
--->  Activating gnupg2 2.0.9_0
--->  Cleaning gnupg2

Then make the gpg command point at gpg2 (the -f flag replaces any gpg already present at that path):

libertad:~ atma$ sudo ln -sf /opt/local/bin/gpg2 /opt/local/bin/gpg

Done here!

What we are going to do now is create our own key pair. Just type:

libertad:~ atma$ which gpg
/opt/local/bin/gpg
libertad:~ atma$ gpg --gen-key
gpg (GnuPG) 2.0.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) DSA and Elgamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
ELG keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 2y
Key expires at Mon May 31 19:15:25 2010 EEST
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Panagiotis Atmatzidis
Email address: p.atmatzidis@panda-gr.com
Comment: atma
You selected this USER-ID:
    "Panagiotis Atmatzidis (atma) <p.atmatzidis@panda-gr.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

can't connect to `/Users/atma/.gnupg/S.gpg-agent': No such file or directory

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

gpg: key 6436970B marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at 2009-11-20
pub   1024D/6436970B 2008-05-31 [expires: 2010-05-31]
Key fingerprint =
uid                  Panagiotis Atmatzidis (atma) <p.atmatzidis@panda-gr.com>
sub    [expires: 2010-05-31]

Your keys are ready. You can find them in the directory $HOME/.gnupg/. Your keys can be used to sign and, most importantly, encrypt files. We are going to use them for mail messages, but that is not their only use: from the command line, PGP can also be used to sign files. The latest version of Nautilus, the famous GNOME file manager, supports on-the-fly encryption of files with a right click on the file, using GnuPG keys.

To see your key and create a public key file, just type:

libertad:~ atma$ gpg --list-keys
libertad:~ atma$ gpg --export --armor > ~/Desktop/atma-key.asc

Now you can share your key with anyone! You can submit it to the http://pgp.mit.edu server so that others can find it easily!
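Before a key is published, its size and expiry can be checked mechanically from gpg's colon-delimited listing. The script below is an added example, not part of the original post: the function names `audit_keys` and `sample_listing`, the 2048-bit and 90-day thresholds, and the sample listing (placeholder key IDs and uid, shaped like the key generated above) are all assumptions of this example.

```bash
#!/bin/sh
# Added example (not from the original post). Audits the machine-readable output of
#   gpg --with-colons --fixed-list-mode --list-keys
# Colon fields used: 1=record type, 3=key length, 4=algorithm id,
# 5=long key ID, 7=expiry as seconds since 1970 (empty = never expires).

# audit_keys NOW_EPOCH [MIN_BITS] [WARN_DAYS]   (listing on stdin)
# MIN_BITS=2048 and WARN_DAYS=90 are defaults chosen for this example.
audit_keys() {
    awk -F: -v now="$1" -v minbits="${2:-2048}" -v warn="${3:-90}" '
    BEGIN { name[1] = "RSA"; name[16] = "ELG"; name[17] = "DSA" }
    $1 == "pub" || $1 == "sub" {
        # Bit length is only comparable across RSA/Elgamal/DSA, so other
        # algorithms (e.g. ECC) are reported but never marked SHORT.
        known  = ($4 in name)
        algo   = known ? name[$4] : ("algo" $4)
        status = (known && $3 + 0 < minbits + 0) ? "SHORT" : "OK"
        if ($7 == "") {
            when = "never"
        } else if ($7 + 0 <= now + 0) {
            when = "past"; status = "EXPIRED"
        } else {
            days = int(($7 - now) / 86400)
            when = days "d"
            if (days < warn + 0 && status == "OK") status = "EXPIRING"
        }
        printf "%s %s %s/%s expires=%s %s\n", $1, $5, algo, $3, when, status
    }'
}

# Constructed sample: same shape as the key generated above (1024-bit DSA
# primary, 2048-bit Elgamal subkey, 2-year expiry). Key IDs, uid and the
# uid hash field are placeholders, not the real key.
sample_listing() {
    cat <<'EOF'
pub:u:1024:17:0123456789ABCDEF:1212250525:1275322525::u:::scESC:
uid:u::::1212250525::PLACEHOLDERHASH::Example User (demo) <user@example.invalid>:
sub:u:2048:16:FEDCBA9876543210:1212250525:1275322525:::::e:
EOF
}

# Demo run with "now" fixed at the creation time of the sample key.
sample_listing | audit_keys 1212250525
# Real use: gpg --with-colons --fixed-list-mode --list-keys | audit_keys "$(date +%s)"
```
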

In order to use GPG with Mail we need to install the GPGMail package. Note that there are multiple versions available. Choose the one that applies to your system: MacOSX 10.4, 10.3 or 10.5. Just download the package and put the “GPGMail.mailbundle” in the $HOME/Library/Mail/Bundles directory. If the directory does not exist, you can create it manually.

More info on GnuPG command-line usage can be found at dewinter’s page, and there is of course the official documentation. Note that GnuPG can handle other algorithms, like IDEA, using external plugins. Hope this small & dirty guide was helpful for you too!

Then just open Mail.app and go to Preferences -> PGP.

Written by Panagiotis Atmatzidis

May 31st, 2008 at 1:51 am