DrugHub PGP Encryption Security Setup Guide

PGP Setup Guide

Master encryption for secure DrugHub marketplace communications

Installing GnuPG for DrugHub

Windows Installation

Download Gpg4win for Windows DrugHub PGP operations. Install with Kleopatra GUI for easier key management. Verify installer signature before running. Configure Gpg4win for 4096-bit RSA keys required by DrugHub marketplace.

Mac Installation

Install GPG Suite for macOS DrugHub usage. Includes GPG Keychain for visual key management. Or use Homebrew: brew install gnupg. Verify installation: gpg --version

Linux Installation

Most Linux distributions include GnuPG by default for DrugHub PGP needs. Ubuntu/Debian: sudo apt install gnupg. Fedora: sudo dnf install gnupg. Already have it? Check: gpg --version

Generating DrugHub PGP Keys

Step-by-Step Key Generation

  1. Open terminal/command prompt
  2. Run: gpg --full-generate-key
  3. Select: (1) RSA and RSA
  4. Key size: 4096 bits (DrugHub requirement)
  5. Expiration: 2-5 years recommended
  6. Name: Use pseudonym, not real name
  7. Email: Create disposable email for DrugHub
  8. Passphrase: Strong unique passphrase
  9. Wait for key generation (may take 5-10 minutes)

✅ Good Practices

Use 4096-bit keys for DrugHub (maximum security). Create dedicated keys for DrugHub marketplace only. Use strong passphrase protecting private key. Set expiration date (2-5 years). Backup private key to multiple secure offline locations.

❌ Avoid These Mistakes

Don't use real name in DrugHub PGP keys. Don't skip passphrase (leaves private key unprotected). Don't use keys shorter than 4096-bit for DrugHub. Don't reuse keys between DrugHub and clearnet identities. Don't upload private key anywhere.

Essential PGP Commands for DrugHub

List Your Keys

gpg --list-keys
gpg --list-secret-keys

View all public and private keys on your system for DrugHub usage.

Export Public Key

gpg --armor --export your@email.com

Export public key to upload to DrugHub marketplace or share with vendors.

Import Vendor Key

gpg --import vendor_key.asc

Import DrugHub vendor public keys to encrypt messages to them.

Encrypt Message

gpg --encrypt --armor -r vendor@email.com message.txt

Encrypt messages to DrugHub vendors using their public key.

Decrypt Message

gpg --decrypt message.asc

Decrypt DrugHub login challenges or vendor messages with your private key.

Sign Message

gpg --sign --armor message.txt

Sign messages proving they came from you on DrugHub marketplace.

Using PGP with DrugHub

DrugHub Login Authentication

DrugHub presents encrypted challenge message at login. Copy entire PGP block including headers. Save to file (challenge.txt). Decrypt: gpg --decrypt challenge.txt. Copy decrypted code. Paste into DrugHub login form. This proves you possess private key matching your registered public key on DrugHub.

Messaging DrugHub Vendors

Always encrypt messages containing addresses or sensitive info to DrugHub vendors. Import vendor's public key from their DrugHub profile. Write message in text editor. Encrypt to vendor's key. Copy encrypted text to DrugHub messaging system. Vendor decrypts with their private key.

Verifying DrugHub Announcements

DrugHub administrators sign official announcements with PGP. Import DrugHub official public key. When you see signed announcement, verify: gpg --verify announcement.asc. Only trust DrugHub announcements with valid PGP signatures. Phishing sites cannot forge valid signatures.

Master PGP for DrugHub

Practice encrypting and decrypting test messages before using PGP for real DrugHub marketplace operations.

Register on DrugHub OPSEC Guide