Cryptography as a concept is one thing. Understanding why it matters, how the mathematics work, what makes a key a key, that’s the foundation, and I covered it in Cryptography: The Weapon They Couldn’t Ban. But theory only gets you to the door. What’s on the other side is a terminal, a handful of CLI commands, and the particular satisfaction of holding something the system cannot touch. This guide is how I actually use GPG. My setup, my choices, my keys.

In 1991, a programmer named Phil Zimmermann released a piece of software called Pretty Good Privacy. It let anyone encrypt a message so completely that no government, no corporation, no intelligence agency could read it without the key. He put it on the internet for free.

The United States government opened a criminal investigation.

The charge was arms trafficking.

Not metaphorically. Literally. The US State Department had classified strong encryption as a munition, in the same legal category as tanks, fighter jets, and missiles. Exporting it without a licence was a federal crime. Zimmermann had put PGP on a public server. People outside the US had downloaded it. As far as the government was concerned, he had shipped weapons across borders.