Securing Files
This is for Windows, better and more detailed guides are readily available for Linux
Using BitLocker to create an encrypted drive:
Run diskmgmt.msc (this requires admin privileges and is the single biggest reason bitlocker is not as good as TrueCrypt)
Action - Create VHD (VHD is fine for this since a couple hundred MB would probably be plenty) and initialize it (right click the drive and GPT is best but MBR is fine and required on smaller drives)
Create a partition on the drive (right click the volume)
Right click the drive and turn on BitLocker in Explorer, with passwords.
Here's a handy bat script (thanks in part to headsigned.com):
@ECHO OFF
SET VirtualDiskLocation="%CD%\Keys_Certs_and_Similar.vhd"
SET DiskPartScriptLocation="%TEMP%\DiskMountScript-%RANDOM%.txt"
ECHO SELECT VDISK FILE=%VirtualDiskLocation% > %DiskPartScriptLocation%
ECHO ATTACH VDISK >> %DiskPartScriptLocation%
echo select partition 1 >> %DiskPartScriptLocation%
echo assign letter=T >> %DiskPartScriptLocation%
DiskPart /s %DiskPartScriptLocation%
DEL %DiskPartScriptLocation%
See: http://www.howtogeek.com/193013/how-to-create-an-encrypted-container-file-with-bitlocker-on-windows/
Encrypting files with PGP:
Actually using OpenPGP (actually gnupg): you will need to install: gpg4win-light
Set up an admin shell, and run: setx path "%path%;c:\Program Files (x86)\GNU\GnuPG\" (Substitute your correct path as needed)
Create keys:
gpg --gen-key
gpg --export > public.key
gpg --export-secret-keys > private.key
gpg --export --armor > public.key.txt
gpg --export-secret-keys --armor > private.key.txt
Keep your private key safe. Share your public key everywhere!
Here's what an example of using gpg for asymmetric encryption looks like on Windows:
C:\temp\gpg>gpg --list-keys
gpg: C:/Users/boyce/AppData/Roaming/gnupg/trustdb.gpg: trustdb created
C:\temp\gpg>gpg --import anc-at-yah.gpg.public.key
gpg: key B88EB520: public key "Boyce Crownover (Expires 05May2026 Created 06May2016) <ancientt@yahoo.com>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
C:\temp\gpg>gpg --list-keys
C:/Users/boyce/AppData/Roaming/gnupg/pubring.gpg
------------------------------------------------
pub 2048R/B88EB520 2016-05-06 [expires: 2026-05-04]
uid [ unknown] Boyce Crownover (Expires 05May2026 Created 06May2016) <ancientt@yahoo.com>
sub 2048R/B5CB7A58 2016-05-06 [expires: 2026-05-04]
C:\temp\gpg>gpg --encrypt --recipient 'Boyce Crownover' TextDocumentExample.txt
usage: gpg [options] --encrypt [filename]
C:\temp\gpg>gpg --encrypt --recipient "Boyce Crownover" TextDocumentExample.txt
gpg: B5CB7A58: There is no assurance this key belongs to the named user
sub 2048R/B5CB7A58 2016-05-06 Boyce Crownover (Expires 05May2026 Created 06May2016) <ancientt@yahoo.com>
Primary key fingerprint: FCA3 EC13 7808 D354 BE95 5534 7816 B522 B88E B520
Subkey fingerprint: C175 DA12 A3DE B65F DC0E 71D9 1104 2CC3 B5CB 7A58
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N) y
C:\temp\gpg>gpg --decrypt TextDocumentExample.txt.gpg > Decrypted.TextDocumentExample.txt
C:\temp\gpg>dir
Directory of C:\temp\gpg
05/17/2016 12:01 PM <DIR> .
05/17/2016 12:01 PM <DIR> ..
05/06/2016 10:36 AM 3,702 anc-at-yah.gpg.private.key
05/06/2016 10:36 AM 1,806 anc-at-yah.gpg.public.key
05/17/2016 12:01 PM 33 Decrypted.TextDocumentExample.txt
05/17/2016 11:55 AM 376 TextDocumentExample.txt.gpg
05/17/2016 11:48 AM 0 pubring.gpg
05/17/2016 11:48 AM 0 pubring.gpg.lock
05/17/2016 11:48 AM 0 secring.gpg
05/17/2016 11:48 AM 0 secring.gpg.lock
05/17/2016 11:54 AM 33 TextDocumentExample.txt
9 File(s) 5,950 bytes
2 Dir(s) 1,020,076,032 bytes free