When transmitting sensitive information, never send unencrypted e-mails; use GPG/PGP encryption instead.
Before starting, create a new entry in KeePass for your GPG key and create a new password. See the Security Guidelines for password policies.
Start generating a key by running the following command in your terminal
You may check which keys you will be exporting for your e-mail address (we use
email@example.com here, change accordingly). If you have old/expired keys in there, delete them.
gpg --list-keys firstname.lastname@example.org
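To spot the old/expired keys mentioned above without reading the listing by eye, you can filter gpg's machine-readable output. This is an added example, not part of the original card; the function names stale_keys and sample_listing are hypothetical and the sample listing is constructed.

```shell
#!/bin/sh
# Added example: report primary keys that are expired (e) or revoked (r).
# Input: the output of `gpg --list-keys --with-colons <address>` on stdin.
# Output: one line per stale key: "<validity> <primary fingerprint>".

stale_keys() {
  awk -F: '
    # pub record: field 2 is the validity of the primary key
    $1 == "pub" { stale = ($2 == "e" || $2 == "r"); why = $2; want_fpr = 1; next }
    # never take a subkey fingerprint for the primary one
    $1 == "sub" { want_fpr = 0; next }
    # the first fpr record after pub carries the primary fingerprint (field 10)
    $1 == "fpr" && want_fpr { want_fpr = 0; if (stale) print why, $10 }
  '
}

# Constructed sample listing (not real keys): expired, valid, revoked.
sample_listing() {
  cat <<'EOF'
tru::1:1700000000:0:3:1:5
pub:e:4096:1:AAAA0000AAAA0001:1500000000:1600000000::-:::sc::::::23::0:
fpr:::::::::AAAA0000AAAA0000AAAA0000AAAA0000AAAA0001:
uid:e::::1500000000::0000::Firstname Lastname <email@example.com>::::::::::0:
sub:e:4096:1:AAAA0000AAAA0002:1500000000:1600000000:::::e::::::23:
fpr:::::::::AAAA0000AAAA0000AAAA0000AAAA0000AAAA0002:
pub:u:4096:1:BBBB0000BBBB0001:1650000000:1900000000::u:::scESC::::::23::0:
fpr:::::::::BBBB0000BBBB0000BBBB0000BBBB0000BBBB0001:
uid:u::::1650000000::0000::Firstname Lastname <email@example.com>::::::::::0:
pub:r:4096:1:CCCC0000CCCC0001:1400000000:::-:::sc::::::23::0:
fpr:::::::::CCCC0000CCCC0000CCCC0000CCCC0000CCCC0001:
uid:r::::1400000000::0000::Firstname Lastname <email@example.com>::::::::::0:
EOF
}

# Live use: gpg --list-keys --with-colons email@example.com | stale_keys
sample_listing | stale_keys
```

Review each reported fingerprint before deleting anything; the valid key (validity u in the sample) is never listed.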
Export your public key (remember to use your e-mail address as an argument for the
gpg -a --output firstname.lastname.asc --export email@example.com
Distribute the public part of your key over a secure medium to prevent man-in-the-middle attacks.
gpg --import someone.asc
sudo apt-get install enigmail on Ubuntu.
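gpg --keyserver keyserver.ubuntu.com --send-keys YOUR_KEY_ID (YOUR_KEY_ID is a placeholder for the key ID or fingerprint shown by gpg --list-keys, since --send-keys does not accept an e-mail address; optionally repeat for other hosts)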
Eventually, your key will expire. In that case, you can extend your key's expiry and push an update to the key servers.
We have a separate card on how to do this.
If you use a notebook in addition to your desktop PC, you will want to transfer your key pair.
We have a card for that as well.