A Beginner’s Guide to PGP Encryption Using Kleopatra

Learn how to create PGP keys, encrypt emails, sign documents, and verify identities using Kleopatra—the free, open-source encryption tool for Windows, macOS, and Linux.
security
privacy
encryption
pgp
tutorial
Author

Md Abdus Samad

Published

Friday, February 6, 2026

Want to send encrypted emails that only the recipient can read? Or digitally sign documents to prove they came from you? PGP (Pretty Good Privacy) encryption makes this possible, and Kleopatra is one of the easiest tools to get started.

What Is Kleopatra?

Kleopatra is a free, open-source certificate manager and GUI for GnuPG (GPG). It’s part of the Gpg4win project for Windows and is also available on macOS and Linux.

With Kleopatra, you can:

  • Generate PGP key pairs (public and private keys)
  • Encrypt and decrypt files and emails
  • Digitally sign documents
  • Verify signatures from others
  • Manage your keyring (collection of keys)

Installing Kleopatra

Windows

  1. Download Gpg4win
  2. Run the installer and select “Kleopatra” component
  3. Complete the installation

macOS

  1. Download GPG Suite
  2. Install the package (includes GPG Keychain, similar to Kleopatra)

Linux

# Ubuntu/Debian
sudo apt install kleopatra

# Fedora
sudo dnf install kleopatra

# Arch
sudo pacman -S kleopatra

Step 1: Generate Your PGP Key Pair

Your key pair consists of:

  • Public Key — Share this with everyone; others use it to encrypt messages to you
  • Private Key — Keep this secret; you use it to decrypt messages and sign documents

Creating Keys in Kleopatra

  1. Open Kleopatra
  2. Click File → New OpenPGP Key Pair (or New Key Pair)
  3. Enter your details:
    • Name: Your full name
    • Email: Your email address
  4. Click Advanced Settings (optional):
    • Key type: RSA or ECC (ECC is newer and faster)
    • Key size: 4096 bits for RSA (more secure)
    • Expiration: Set an expiry date (recommended for security)
  5. Click Create
  6. Enter a strong passphrase (you’ll need this to use your private key)
  7. Wait for key generation to complete
TipPassphrase Tips

Use a long, memorable passphrase like: correct-horse-battery-staple-2026!

Never share your passphrase with anyone!

Step 2: Export Your Public Key

To let others send you encrypted messages, share your public key.

Export as a File

  1. In Kleopatra, right-click your key
  2. Select Export…
  3. Save as yourname-public-key.asc
  4. Upload this file to your website or share directly

Export to Clipboard

  1. Right-click your key
  2. Select Export…
  3. Copy the text block starting with -----BEGIN PGP PUBLIC KEY BLOCK-----
  4. Paste into an email or website

What It Looks Like

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGV2example...
(many lines of random characters)
...
-----END PGP PUBLIC KEY BLOCK-----

Step 3: Get Your Key Fingerprint

The fingerprint is a unique identifier that verifies your key’s authenticity.

  1. In Kleopatra, double-click your key
  2. Look for Fingerprint in the details
  3. It looks like: 4BE3 AF82 A243 5F1A C5BF C7AA 81CB 40B1 85B4 F5E0

Publish this on your website so others can verify they have the correct key.

Step 4: Import Someone Else’s Public Key

To send encrypted messages to someone, you need their public key.

Import from File

  1. Download their .asc public key file
  2. In Kleopatra, click File → Import…
  3. Select the file
  4. The key appears in your keyring

Import from Clipboard

  1. Copy their public key text (including the BEGIN/END lines)
  2. In Kleopatra, click Tools → Clipboard → Certificate Import

Verify the Key

Before trusting a key, verify the fingerprint matches what the owner published:

  1. Double-click the imported key
  2. Compare the fingerprint with their website/business card
  3. If it matches, right-click → Certify to mark it as trusted

Step 5: Encrypt a File or Message

Encrypt a File

  1. Right-click any file in Windows Explorer
  2. Select Sign and encrypt (or find it in the context menu)
  3. Choose the recipient’s public key
  4. Click Encrypt
  5. A new .gpg file is created—send this to the recipient

Encrypt Text in Kleopatra

  1. Click Notepad icon in Kleopatra (or Tools → Notepad)
  2. Type your message
  3. Click Recipients… and select who should read it
  4. Click Encrypt Notepad
  5. Copy the encrypted text and send via email

What Encrypted Text Looks Like

-----BEGIN PGP MESSAGE-----

hQEMA8PD1Gv4example...
(unreadable encrypted content)
...
-----END PGP MESSAGE-----

Only the recipient with the matching private key can decrypt this!

Step 6: Decrypt a File or Message

Decrypt a File

  1. Double-click the .gpg file, or
  2. Right-click → Decrypt and verify
  3. Enter your passphrase
  4. The decrypted file is saved

Decrypt Text

  1. Copy the encrypted message (including BEGIN/END lines)
  2. In Kleopatra, go to Tools → Clipboard → Decrypt/Verify
  3. Enter your passphrase
  4. Read the decrypted message

Step 7: Digitally Sign a Document

Signing proves a document came from you and hasn’t been tampered with.

Sign a File

  1. Right-click the file
  2. Select Sign and encrypt
  3. Check only Sign (uncheck encrypt if you want it readable)
  4. Select your key
  5. Enter your passphrase
  6. A .sig signature file is created

Sign Text

  1. Open Notepad in Kleopatra
  2. Type your message
  3. Click Sign Notepad
  4. The signed message includes your signature block

What a Signed Message Looks Like

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This is my original message that I'm signing.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE...
(signature data)
-----END PGP SIGNATURE-----

Step 8: Verify a Signature

To confirm a signed document is authentic:

  1. You need the sender’s public key in your keyring
  2. Right-click the signed file → Decrypt and verify
  3. Kleopatra shows:
    • Valid signature — The document is authentic
    • Invalid signature — The document was modified or the signature is fake

Publishing Your Public Key on Your Website

For a personal academic website, add to your footer or contact page:

  1. Link to your public key file:

    <a href="/files/my-public-key.asc">Download my PGP public key</a>

  2. Display your fingerprint:

    Fingerprint: 4BE3 AF82 A243 5F1A C5BF C7AA 81CB 40B1 85B4 F5E0

  3. Upload to a key server (optional):

    • In Kleopatra: Right-click key → Publish on Server
    • Others can find your key by searching your email

Practical Use Cases for Researchers

Scenario How PGP Helps
Receiving sensitive data Sources can encrypt files so only you can read them
Sharing pre-publication manuscripts Encrypt drafts sent to collaborators
Signing releases Prove that code/data releases are authentic
Secure communication Encrypted email with journalists or collaborators
Verifying identity Others can confirm messages really came from you

Quick Reference: Kleopatra Shortcuts

Action How to Do It
Create new key File → New OpenPGP Key Pair
Export public key Right-click key → Export
Import a key File → Import
Encrypt file Right-click file → Sign and encrypt
Decrypt file Double-click .gpg file
Sign text Notepad → Sign Notepad
Verify signature Right-click → Decrypt and verify

Summary

PGP encryption with Kleopatra lets you:

  1. Generate keys — Create your public/private key pair
  2. Share your public key — Let others send you encrypted messages
  3. Encrypt — Send confidential files that only the recipient can read
  4. Decrypt — Read encrypted messages sent to you
  5. Sign — Prove documents came from you
  6. Verify — Confirm signatures from others are authentic
TipGetting Started Checklist
WarningSecurity Reminders
  • Never share your private key — Only share the public key
  • Protect your passphrase — If someone gets it, they can impersonate you
  • Back up your private key — Store it securely (encrypted USB, password manager)
  • Verify fingerprints — Always confirm keys match before trusting them

Citation

BibTeX citation:
@online{abdus_samad2026,
  author = {Abdus Samad, Md},
  title = {A {Beginner’s} {Guide} to {PGP} {Encryption} {Using}
    {Kleopatra}},
  date = {2026-02-06},
  url = {https://www.drabdus.com/blog/2026/02/06/pgp-encryption-kleopatra-guide/},
  langid = {en}
}
For attribution, please cite this work as:
Abdus Samad, Md. 2026. “A Beginner’s Guide to PGP Encryption Using Kleopatra.” February 6, 2026. https://www.drabdus.com/blog/2026/02/06/pgp-encryption-kleopatra-guide/.