The Open Source

Appearance

PGP / GPG

PGP (Pretty Good Privacy) and GPG (GNU Privacy Guard) are tools used to encrypt data and verify authorship through cryptographic signatures. They are widely used in software development, security, and open-source projects.

This subject provides a structured, student-focused introduction to using GPG in practical scenarios.

Who this subject is for

  • Students encountering GPG through Git, GitHub, or GitLab
  • Students who need to encrypt or sign files for projects
  • Anyone who wants to understand GPG without cryptographic theory

How this subject is structured

This subject is split into focused sections that can be read independently or in order:

  • Introduction
    Core concepts: what PGP/GPG is, what it does, and why it exists.

  • Key management
    Creating, storing, backing up, and revoking keys safely.

  • Encrypting and signing
    Practical file encryption, decryption, signing, and verification.

  • GPG and Git
    Using GPG to sign Git commits and understand verified history.

  • Cheatsheet
    A compact reference of common commands and workflows.

How to use this subject

If you are new to GPG, start with the Introduction and read the sections in order.
If you already use GPG, the Cheatsheet can be used as a quick reference.

Scope

  • Linux is used as the reference platform
  • Commands are kept minimal and practical
  • Cryptographic theory is intentionally avoided